It seems you could find a nice middle ground of disabling all "connectable" shares yet leaving the functionality enabled for remote management.
>From a pure security risk perspective though most of the vulnerabilities that pertain to having file sharing (rpc/smb/blabla) enabled have been discovered these days. There was a hay day where a couple of years ago I'd say having those things open even internally would be "very bad" but now a day's those flaws are a LOT less common than vulnerabilities in your general desktop applications such as Adobe/Flash/etc... <plug> And of course if you are using a good host based security solution with real intrusion prevention capabilities then it does not matter if you have file sharing enabled or not as it will prevent those types of attacks regardless of your MS patche levels or zerodays. http://www.eeye.com/blink </plug> -Marc -----Original Message----- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Monday, February 25, 2008 3:24 PM To: NT System Admin Issues Subject: File and Print Sharing on workstations - Security Risk? Management of this company thinks that turning on file and print sharing on workstations is a security vulnerability. In my opinion, this hampers remote control of workstations like in Computer Management and does not provide any significant security advantage. What do you guys think? Any story from trenches?Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
