Hey there, drive mapping

Hey fellas. Just a quick one for today on Network Drive Mapping. Lets say there are 2 people, Mike and Bob. Bobs computer and Mikes are on the same network. Mike mounts Bobs computer. net use k: \\bob\c$ Does some dicking around and then Bob finds out and kills him with a keyboard. Afterwords, how could Bob go about making it so people cannot connect to his C: drive? That will be all, I have to go, in a hurry. Be back later to follow up.

My apologies, Windows XP. Thank you for your response.

Are you asking how to unshare a shared drive?

http://support.microsoft.com/kb/304040

Is that what you're looking for?

So I do not understand why computers, with limited user access would have a shared C$. Unless it is so they can be monitored//administrated. All right well I get that part, I thought it had some to do with registries as well. Didn't know it was all directory sharing. Makes sense though. So after mounting a C$, how could one go about sharing an unshared drive remotely via the C$. Could one just spawn a shell and navigate about, issue some commands.

How can you navigate to a different drive if you only have access to the C drive? When you share the C drive, everything on that drive is shared, but nothing else. As far as I know, you can only view something that's on that drive, which doesn't include other drives.

I could be wrong though.

Here it is from an administrators stand point. All drives on the network system Windows Operating Systems (NT or newer) have administrative shares on all partitions/drives on your machine. They have the $ to make them "invisible" in Network Places. However, the default name is <driveletter>$ which is quite obvious and you cannot change it. You need administrative rights to access these, so setting up a password for ALL your accounts is one work around that will sometimes work. However, if someone guesses your administrative users password and you would like to remove this all together, here is how you do it.

Open up the Registry Editor (start|Run…|regedit) find the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters Set the Autoshareserver dword value to 0 (If this does not exist, create it) Set the Autosharewks dword value to 0 (If this does not exist, create it)

Bingo, Bango, Share disabled for good.

Note: Please ensure you back up your registry and know what you are doing before attempting any of this. I will not be held responsible if you destroy your system. This is for educational purposes only.

Of course, the treebird comes in and answers the question more perfectly than I would have thought possible. >.<

That is what I am here for stinkyfoot :evil:

Anyways, I hope this helps anyone who needs to know how to do this.

Awesome! Haha now I just await "Stinky-Foots" reaction! Thanks, take it easy.

Sorry to disappoint, but I have no real reaction at all. My name has nothing to do with having smelly feet, but it's a reasonable assumption, and I hear that all the time. Honestly, it doesn't bother me one bit, especially since I'm sure he wasn't trying to insult me.

AldarHawk wrote:
Bingo, Bango, Share disabled for good

But you forgot about IPC$ shares: HKLM>system>currentcontolset>control>lsa>restrictanonymous> change value to 1.

Now your good!

Skunkfoot wrote: Honestly, it doesn't bother me one bit, especially since I'm sure he wasn't trying to insult me.

That I know ;) I was just joking around. Most people call me the Tree Bird, thus I put it in my signature. This is AlderHawk as most call me…though it is AldarHawk ;)

korg wrote: But you forgot about IPC$ shares: HKLM>system>currentcontolset>control>lsa>restrictanonymous> change value to 1.

True enough, even pro's can miss stuff sometimes ;) Thank you for showing this point as well…though as long as all your accounts have a password you are not vulnerable to this ;)

I know as well skunkfoot. I am assuming you have a lucky skunk foot or something. Yet lucky is just good karma I believe. Thank you Aldar and Korg. Will be very useful on another network. Have a good rest of the day.

No, I don't have a lucky skunk foot. Skunks aren't rabbits.

Don't try to understand the meaning behind my name, you'll fail miserably. And no, I'll probably never explain it to you.

AldarHawk wrote:
though as long as all your accounts have a password you are not vulnerable to this

Not true even with a good password, The netbios password can be retrieved via netbios scanning or auditing.