• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Any way to mitigate the risk of sharing the root of a drive?

T

TechnoPro

Golden Member
I know it's considered a bad practice to share the root folder of a drive.

There's a company I'm working with that uses software which requires that the entire C drive on the server be shared out with full permissions.

Security wise, is my only option to simply ensure that other layers of security (both technical and procedural) are maintained at a high level? I should add that the threat I am most concerned with is from the outside (ie. internet).
 
What software is this? Ill make sure to never buy it.
Click to expand...

agreed. that's a really bad software design. I suggest you find out exactly what on the hard drive they need access to, then try to restrict it if possible. If you're really worried, you could setup something like a Smoothwall or IPCop firewall in front of it and only allow access to it from specific IP addresses of client machines that will access it. Maybe setup a software firewall on the server instead if it can handle any extra load.
 
Does the program itself have a domain account?

If so, only allow account access to that account.


Also try using DFS or just creative partitioning.
 
Originally posted by: Genx87
What software is this? Ill make sure to never buy it.
Click to expand...

No worries. It's software that runs a video store.

Realistically, the root folder does not need to be shared, but tech support strongly encourages this practice to help them better troubleshoot problems. When I first came onsite, I unshared the root and only shared out the needed folders.

The system worked fine, until we needed to do some advanced tweaking. Tech support (the majority of whom were very competent) had a hard time walking us through the procedures since our mapped netowrked drives pointed to different folders than what they were accustomed to. So I switched things back to the wide open way. And now my professional guilt has kicked in and I am thinking of security ramifications.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top