In general, since only high-privilege users can access admin shares, if you can't trust your high-privilege users - then fire them. :)
[By default, admin shares can only be accessed by Backup Operators, Server Operators, and local Administrators.] From: [email protected] [mailto:[email protected]] On Behalf Of Angus Scott-Fleming Sent: Thursday, July 3, 2014 8:34 PM To: [email protected] Subject: [NTSysADM] Re: Windows 7 firewall On 2 Jul 2014 at 19:53, David McSpadden wrote: > Is there a way to set Windows Firewall up to popup when someone is > accessing your admin > shares? This article is a bit dated, but there's probably an app for that. 4 ways to monitor who is accessing your shared folders/files http://dottech.org/11324/4-ways-to-monitor-who-is-accessing-your-shared-foldersfiles/ This one claims to work on Win7: ShareWatch http://stevemiller.net/sharewatch/ This article is more current: 7 Ways to Monitor Shared Folders For Who Modified or Deleted Files * Raymond.CC https://www.raymond.cc/blog/track-who-modified-or-deleted-files-in-your-shared-folder/ and several of the apps there claim to work on Win7.
