Re: Default shares & SMS Server

On Mon, 24 Oct 2005, Goran Sevic wrote:
> While performing audit of an organisation, we found all the default
> shares including (C$ & D$) been enabled on the user's workstations. When
> asked the tech team, mentioned that these shares are needed for the
> functioning of Microsoft SMS servers.
>
> Is anyone aware of the requirement of these shares on the workstations?
> My feeling is that the ADMIN$ share on the workstations is enough for
> the operation of SMS functions.

MS hints that they can be used for backup by some 3d-party programs.
You can just delete C$, D$, ... and check if everything is still OK.
Btw, it will be shared again unless you set to 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
AutoShareWks on a workstation and AutoShareServer on a server

-- 
Regards,
ASK

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------