Is Creating Open Shared Folders a Security Vulnerability?

[Guest]

Hi
I have some open shares on my computer. These shares have their security
permissions set to <Domain>\Authenticated Users and with Full Control.

My quesion :
Is having Open Shares with permissions to EveryOne disabled a security
Vulnerability? Is Hidden Shares (that is ShareName followed by $) a better
option than Open Shares?

Any pointers to the same would be highly appreciated.

 

[Lanwench [MVP - Exchange]]

Hi
I have some open shares on my computer. These shares have their
security permissions set to <Domain>\Authenticated Users and with
Full Control.
OK...

My quesion :
Is having Open Shares with permissions to EveryOne disabled a security
Vulnerability?

Well, I think you're asking whether setting share permissions to Everyone =
Full Control is the vulnerability, right? You aren't doing that, as you've
stated above, which is fine. However, I suspect most people just set
Everyone = Full Control...I myself tend to leave the share permissions wide
open (either with Everyone, or specific groups), and apply permissions via
NTFS security settings....it just seems easier to me. The most restrictive
permissions apply, so if you set everyone=full control in the share perms,
and then set the NTFS security more strictly, the latter settings will win.

Is Hidden Shares (that is ShareName followed by $) a
better option than Open Shares?

That's apples to oranges, although I certainly prefer hidden shares myself.