Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Windows File Sharing: Facing The Mystery
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
turning off Windows FW when running ZAP »
« This one is starting to wear me out.....  

bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs:
·Verizon Online DSL

Re: Windows File Sharing: Facing The Mystery

Dave above makes some great comments, so let me ammend slightly one section above" "There is another wrinkle to user-level authentication, and that is 'guest access'. Windows may choose to allow unknown users to log in as user Guest for network accesses. This is generally a bad thing in my opinion. The Guest account is disabled by default in Win2000 and XP Pro, and you should only enable it if you understand the security ramifications. Rumour says it's on by default in XP Home."

It is no rumour, XP Home is enabled only for the "Simple File sharing" model, XP Pro is by default but can be changed in the Folder, View option of the GUI.

This has nothing to do with whether the "Guest" account is enabled, but Group Guest. Your decision to enable the Guest account is a decision about a local console logon, not remote access.

There was raised by others a concern about how port 139 versus 445 were handled. At the moment essentially the client needing a session makes requests on both, and maintains any session on the first to reply. You can influence this:

By standard both port 139 and 445 are open to get the highest degree of compatibility. A client will try to request on both ports and continue the communication on the port which responds first.

To disable SMB use of Netbios port 139 (Forces use of port 445):

. On the Start menu, point to Settings, and then click Network and Dial-up Connections
. Right-click Internet facing connection, and then click Properties.
. Select Internet Protocol TCP/IP and select Properties
. Click Advanced and select the WINS tab
. Tick Disable NetBIOS over TCP/IP and click Ok

To disable SMB use of port 445 with this DWORD (Forces use of port 139):

[HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \NetBT \Parameters]
SMBDeviceEnabled = 0

To disable SMB use of port 139 and 445 (Disables nbt.sys driver):

Right-click My Computer on the desktop, and then click Manage.
Expand System Tools, and then select Device Manager.
Right-click Device Manager, point to View, and then click Show hidden devices.
Expand Non-Plug and Play Drivers.
Right-click NetBios over Tcpip, and then click Disable.
To disable SMB completely:
On the Start menu, point to Settings, and then click Network and Dial-up Connections
Right-click Internet facing connection, and then click Properties.
Select Client for Microsoft Networks, and then click Uninstall.
Follow the uninstall steps.
Select File and Printer Sharing for Microsoft Networks, and then click Uninstall.
Follow the uninstall steps.

(My thanks to "Snakefoot" and his remarkable site: »snakefoot.fateback.com/tweak/win···_NETBIOS )

permalink · 2005-04-07 11:18:24 · Print · Reply to this
psloss
Premium
join:2002-02-24
Alpharetta, GA

Re: Windows File Sharing: Facing The Mystery

said by bcastner See Profile:

This has nothing to do with whether the "Guest" account is enabled, but Group Guest. Your decision to enable the Guest account is a decision about a local console logon, not remote access.
I assume you mean the group "Guests" (plural), right? The distinction being that both are "well known" SIDs, where "Guest" has an RID of 501 and "Guests" has an RID of 514.

Also, aren't there two "types" of disabling for the Guest account in XP? One from the "User Accounts" control panel applet and the other being the way that accounts have always been enabled/disabled in NT? (viz: "net user Guest active:no")

Philip Sloss
--
Feedback? e-mail: stuff@lupwa.org
permalink · 2005-04-07 11:43:27 · Print · Reply to this

funkym0nk3y

join:2002-06-27		 that snakefoot site is awesome, bookmarked!
permalink · 2005-04-07 13:52:02 · Reply to this
Forums » Up and Running » Security » Securityturning off Windows FW when running ZAP »
« This one is starting to wear me out.....  

Wednesday, 09-Dec 17:10:02 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [197] Sprint Sued For Distracted Driving Death
· [96] AT&T Launching New 24 Mbps U-Verse Tier
· [81] 3G Network Test Says AT&T Is Tops
· [72] Mediacom Unveils 105 Mbps Pricing
· [66] Sprint Poised For A Turnaround?
· [61] WPA Cracker: Test WPA-PSK Networks In 20 Minutes
· [51] The Future Of Wi-Fi Is Bright
· [47] Site Leaks Yahoo, Verizon Fed Data Share Pricing
· [44] Microwaving Your Innards Is Not 'Extreme'
· [39] Verizon LTE: 5-12 Mbps Downstream
Most people now reading
· MicroSoft Discontinues Sale of Windows 7 Family Pack in US [Microsoft Help]
· Man Downloads Child Porn "Accidentally," Faces 20 Years [Security]
· Battered Hilt Delimma [World of Warcraft]
· Adobe Flash Player version 10.0.42.34 [Security]
· Is sleeping similar to being dead? [General Questions]
· Smoke detectors gone wild [Home Repair & Improvement]
· Cross Server Dungeon Experience [World of Warcraft]
· [ Classes] ATTN Death Knights - Post your spec for critique! [World of Warcraft]
· ICC Strats??? [World of Warcraft]
· [WIN7] Outlook express under Windows 7? [Microsoft Help]