Programming4us
         
 
 
Windows

Windows 7 : Disabling the Hidden Administrative Shares

12/26/2010 5:00:22 PM
I mentioned in the preceding section that you can add $ to a share name to hide the share, and that it is a good idea to also modify the share name to something not easily guessable by some snoop. Note, however, that Windows 7 sets up certain hidden shares for administrative purposes, including one for drive C: (C$) and any other hard disk partitions you have on your system. Windows 7 also sets up the following hidden shares:

ShareShared PathPurpose
ADMIN$%SystemRoot%Remote administration
IPC$N/ARemote interprocess communication

To see these shares, select Start, All Programs, Accessories, Command Prompt to open a Command Prompt session, type net share, and press Enter. You see a listing similar to this:

Share name   Resource                        Remark
--------------------------------------------------------------------------
C$ C:\ Default share
D$ D:\ Default share
ADMIN$ C:\Windows Remote Admin
IPC$ Remote IPC

So, although the C$, D$, and ADMIN$ shares are otherwise hidden, they’re well known, and they represent a small security risk should an intruder get access to your network.

To close this hole, you can force Windows 7 to disable these shares. Here are the steps to follow:

1.
Select Start, type regedit, and then press Enter. The User Account Control dialog box appears.

2.
Enter your UAC credentials to continue. Windows 7 opens the Registry Editor.

Caution

Remember that the Registry contains many important settings that are crucial for the proper functioning of Windows 7 and your programs. Therefore, when you are working with the Registry Editor, don’t make changes to any settings other than the ones I describe in this section.

3.
Open the HKEY_LOCAL_MACHINE branch.

4.
Open the SYSTEM branch.

5.
Open the CurrentControlSet branch.

6.
Open the Services branch.

7.
Open the LanmanServer branch.

8.
Select the Parameters branch.

9.
Select Edit, New, DWORD (32-bit) Value. Windows 7 adds a new value to the Parameters key.

10.
Type AutoShareWks and press Enter. (You can leave this setting with its default value of 0.)

11.
Restart Windows 7 to put the new setting into effect.

Once again, select Start, All Programs, Accessories, Command Prompt to open a Command Prompt session, type net share, and press Enter. The output now looks like this:

Share name   Resource                        Remark
--------------------------------------------------------------------------
IPC$ Remote IPC

Caution

Some programs expect the administrative shares to be present, so disabling those shares may cause those programs to fail or generate error messages. If that happens, enable the shares by opening the Registry Editor and either deleting the AutoShareWks setting or changing its value to 1.

Other -----------------
- Windows 7 : Hiding Your Shared Folders
- Windows 7 : Setting Security Permissions on Shared Folders
- Windows 7 : Setting Sharing Permissions on Shared Folders
- Configuring Windows 7 for Secure Networking
- Windows 7 : Setting Up User Security - Determining Who Is Logged On
- Windows 7 : Setting Up User Security - Using the Guest Account to Give Folks Temporary Access
- Windows 7 : Setting Up User Security - Renaming Built-In Accounts for Better Security
- Windows 7 : Setting Up User Security - Hiding Usernames in the Logon Screen
- Windows 7 : Setting Up User Security - Closing Off Your Computer by Disabling All Other Users
- Windows 7 : Setting Up User Security - Preventing Elevation for All Standard Users
- Windows 7 : Using Parental Controls to Restrict Computer Usage (part 2) - Setting Up Parental Controls for Games
- Windows 7 : Using Parental Controls to Restrict Computer Usage (part 1) - Activating Parental Controls
- Windows 7 : Working with Users and Groups from the Command Line
- Windows 7 : Setting Account Policies (part 2)
- Windows 7 : Setting Account Policies (part 1)
- Windows 7 : Creating and Managing User Accounts (part 2) - Working with the User Accounts Dialog Box
- Windows 7 : Creating and Managing User Accounts (part 1)
- Windows Vista : Managing Local Logon Accounts
- Windows Vista : User Accounts and Groups
- SOA with .NET and Windows Azure : Windows Workflow Foundation (part 7)
 
 
Most View
- Installing and Configuring SQL Server 2008 for SharePoint 2010
- Building Android Apps : Animation - Adding the Date Panel
- SharePoint 2010 : Rename a List or Document Library or Change Its Description
- Exchange Server 2010 : Fundamentals and Components of Federated Delegation (part 2)
- Windows Server 2008 : Controlling Access to Web Services (part 4) - Configuring Authentication Settings
- The Art of SEO : Trending, Seasonality, and Seasonal Fluctuations in Keyword Demand
- Keyword Research Tools (part 1) - Keyword Research Data from the Engines
- ASP.NET Security : The Membership and Role Management API (part 2) - Provider
- SQL Server 2008 : Transparent Data Encryption
- SQL Server 2008 : Working with Constraints
Top 10
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 3) - Configuring Recipient Filtering
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 2)
- Implementing Edge Services for an Exchange Server 2007 Environment : Utilizing the Basic Sender and Recipient Connection Filters (part 1)
- Implementing Edge Services for an Exchange Server 2007 Environment : Installing and Configuring the Edge Transport Server Components
- What's New in SharePoint 2013 (part 7) - BCS
- What's New in SharePoint 2013 (part 6) - SEARCH
- What's New in SharePoint 2013 (part 6) - WEB CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 5) - ENTERPRISE CONTENT MANAGEMENT
- What's New in SharePoint 2013 (part 4) - WORKFLOWS
- What's New in SharePoint 2013 (part 3) - REMOTE EVENTS