Friends
mercredi 30 janvier 2008
Managing Administrative Shares
A handful of the shares you see in the Shared Folders list are created by the operating system. Most of these share names end with a dollar sign ($), which makes them "invisible" when another Windows user browses through the list of shares on your computer. They are not inaccessible, however. Any user who knows the name of an administrative share can attempt to connect to it simply by typing the share name at a command prompt rather than selecting it from the browse list. (Use UNC format to make such a connection: \\computername\sharename.) If the computer that contains the administrative shares is running Windows 2000 or Windows XP Professional with Simple File Sharing disabled, the connection will be successful if the remote user supplies a user name and password that match the credentials of a local administrator. With Simple File Sharing enabled, however, all interactive logons to administrative shares are blocked. In fact, because Simple File Sharing cannot be disabled in Windows XP Home Edition, this version of Windows creates only the IPC$ share by default.
In general, you cannot view or set permissions on administrative shares, as you can for shares you create; the operating system hard-wires access controls so that only members of the local Administrators group and select built-in accounts can connect to administrative shares.
You can stop sharing administrative shares only temporarily. The share reappears the next time the Server service starts or you restart your computer. In Chapter 2, we provide instructions for disabling this feature so that when you delete an administrative share it is not automatically re-created the next time you restart your computer. (See 9. Review All Network Shares for details).
Table 14-1 describes the administrative shares you are most likely to see on a computer running Windows 2000 Professional or Windows XP.
Table 14-1. Administrative Shares
Share Name Description
C$, D$, E$, and so on
Windows creates a share for the root folder of every partition and volume on a local hard drive, using the drive letter of the volume (followed by a dollar sign to hide the share) as the share name. Each share allows members of the Administrators and Backup Operators groups to connect to the specified volume. These shares are often used by backup programs and by centralized network administration tools such as Microsoft Systems Management Server.
ADMIN$
This share maps to the %SystemRoot% folder (C:\Windows on a typical clean installation of Windows XP; C:\Winnt on a typical clean installation of Windows 2000). This share is most often used by remote administration programs.
IPC$
Windows creates this share to enable interprocess communications (IPC) using a protocol called named pipes. IPC allows data transfer between programs and processes over a network—during remote administration and when viewing a computer's resources, for instance.
PRINT$
This share is used for remote administration of printers.
FAX$
This share exists only if you have fax server software installed and is rarely used on desktop versions of Windows; it is used by clients to send faxes and access cover pages stored on the server.
Newcomers to Windows 2000 and Windows XP are sometimes unnerved to learn that the operating system sets up administrative shares and makes them accessible from the network. In normal use, these shares are perfectly safe from attack. For high-security environments, however, expert users may choose to disable these shares.
A handful of the shares you see in the Shared Folders list are created by the operating system. Most of these share names end with a dollar sign ($), which makes them "invisible" when another Windows user browses through the list of shares on your computer. They are not inaccessible, however. Any user who knows the name of an administrative share can attempt to connect to it simply by typing the share name at a command prompt rather than selecting it from the browse list. (Use UNC format to make such a connection: \\computername\sharename.) If the computer that contains the administrative shares is running Windows 2000 or Windows XP Professional with Simple File Sharing disabled, the connection will be successful if the remote user supplies a user name and password that match the credentials of a local administrator. With Simple File Sharing enabled, however, all interactive logons to administrative shares are blocked. In fact, because Simple File Sharing cannot be disabled in Windows XP Home Edition, this version of Windows creates only the IPC$ share by default.
In general, you cannot view or set permissions on administrative shares, as you can for shares you create; the operating system hard-wires access controls so that only members of the local Administrators group and select built-in accounts can connect to administrative shares.
You can stop sharing administrative shares only temporarily. The share reappears the next time the Server service starts or you restart your computer. In Chapter 2, we provide instructions for disabling this feature so that when you delete an administrative share it is not automatically re-created the next time you restart your computer. (See 9. Review All Network Shares for details).
Table 14-1 describes the administrative shares you are most likely to see on a computer running Windows 2000 Professional or Windows XP.
Table 14-1. Administrative Shares
Share Name Description
C$, D$, E$, and so on
Windows creates a share for the root folder of every partition and volume on a local hard drive, using the drive letter of the volume (followed by a dollar sign to hide the share) as the share name. Each share allows members of the Administrators and Backup Operators groups to connect to the specified volume. These shares are often used by backup programs and by centralized network administration tools such as Microsoft Systems Management Server.
ADMIN$
This share maps to the %SystemRoot% folder (C:\Windows on a typical clean installation of Windows XP; C:\Winnt on a typical clean installation of Windows 2000). This share is most often used by remote administration programs.
IPC$
Windows creates this share to enable interprocess communications (IPC) using a protocol called named pipes. IPC allows data transfer between programs and processes over a network—during remote administration and when viewing a computer's resources, for instance.
PRINT$
This share is used for remote administration of printers.
FAX$
This share exists only if you have fax server software installed and is rarely used on desktop versions of Windows; it is used by clients to send faxes and access cover pages stored on the server.
Newcomers to Windows 2000 and Windows XP are sometimes unnerved to learn that the operating system sets up administrative shares and makes them accessible from the network. In normal use, these shares are perfectly safe from attack. For high-security environments, however, expert users may choose to disable these shares.
Libellés : Administrative, Managing, Shares
0 Comments:
Funny Blogs
Blogger Roll
Free Software
