3

I work in an IT department and we would like a network-accessible folder to read and write data using our internal applications. So permissions need to be open to all users. But if a user gets malware on their PC, the malware would also have the permission to read and write the contents of this folder. Would a hidden share protect against malware finding this folder -- with the exception of a dictionary attack or finding the path in some other file? In other words, can hidden shares be discovered programmatically without network admin permissions?

Joe Gayetty
  • 133
  • 5
  • 1
    If you're worried about malware overwriting/blowing up your share then don't use a share. Have a web service listening and have your internal apps send the files over HTTP/S to it and let it write the files. Then no malware could corrupt the files. Yes, this means more work for your coders, but that's their problem. :) – Mr. Smythe Aug 29 '16 at 17:07
  • 1
    In essence you have asked for remote attestation, which is a known *unsolvable* problem. You can do things to make it harder, but if you publish them you defeat the purpose. Basically no answer given here should be used. – joshudson Aug 29 '16 at 17:30
  • @Mr.Smythe Good idea! "Yes, this means more work for your coders, but that's their problem." - I AM one of the coders! But still a good idea. I think, however, that we may end up creating a share with access by only one user account created for just such a purpose. Then in our in-house applications (.NET) we can use impersonation of that user when we want to read or write to the share. – Joe Gayetty Aug 30 '16 at 14:25
  • @joshudson - Thanks for the information about "remote attestation". I knew what the problem was, now I know its name! – Joe Gayetty Aug 30 '16 at 14:27
  • @Joe But also remember that nesting impersonation is bad, and you should feel bad if you end up doing it. The problem with that approach is that you lose accountability, since everything will be in the context of that shared user. – Mr. Smythe Aug 30 '16 at 19:37
  • @Mr.Smythe I don't think we are "nesting" impersonation. But in either case, that is the approach we used, and it works fine. We can control (and log) all access to the folder since it is all happening through our own applications. So accountability is maintained. – Joe Gayetty Oct 10 '16 at 17:15

1 Answer

6

Yes. net view \\server /all will show hidden shares.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
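
Since hidden shares can be listed as the answer shows, the share's permissions are what protect the data. The following audit is an added example, not part of the original answer; it is meant to run on the file server in an elevated session, and the function name and the list of "broad" principals are assumptions to adjust for your domain.

```powershell
# Added example: report shares (hidden or not) that grant write access
# to principals that effectively mean "any user on the network".
# Uses the SmbShare module (Windows Server 2012 / Windows 8 and later).

# Assumption: adjust this list to the groups that cover all users in your domain.
$broadPrincipals = @(
    'Everyone',
    'NT AUTHORITY\Authenticated Users',
    'BUILTIN\Users',
    "$env:USERDOMAIN\Domain Users"
)

function Get-BroadlyWritableShare {
    param(
        [string[]]$Principals = $broadPrincipals
    )

    # -Special $false skips the built-in administrative shares (ADMIN$, C$, IPC$).
    Get-SmbShare -Special $false | ForEach-Object {
        $share = $_
        Get-SmbShareAccess -Name $share.Name |
            Where-Object {
                [string]$_.AccessControlType -eq 'Allow' -and
                [string]$_.AccessRight -in 'Change', 'Full' -and
                $_.AccountName -in $Principals
            } |
            ForEach-Object {
                [pscustomobject]@{
                    Share   = $share.Name
                    Path    = $share.Path
                    # A trailing '$' only hides the share from default listings.
                    Hidden  = $share.Name.EndsWith('$')
                    Account = $_.AccountName
                    Right   = [string]$_.AccessRight
                }
            }
    }
}

# Hidden shares first: these are the ones relying on obscurity alone.
Get-BroadlyWritableShare |
    Sort-Object Hidden -Descending |
    Format-Table -AutoSize
```

This checks share-level permissions only; the NTFS ACL on the underlying path can restrict access further and should be reviewed alongside it.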