Re: SBS shares. Theres no security

---

• From: "Jonathan Davey" <me@xxxxxxxxxxx>
• Date: Fri, 10 Mar 2006 14:50:50 -0000

---

Hi Leythos,

No, the rogue PC does not have a "local" user account in common with SBS,
nor a domain nor Device Account. It is a rogue in every sense of the word.

Guest..... hmm now thats highly unlikely, let me check, nope its disabled,
default setting.

"Leythos" <void@xxxxxxxxxxx> wrote in message
news:2cgQf.11351$g91.7142@xxxxxxxxxxxxxxxxxxxxxxxxx

In article <uO$XkZERGHA.4696@xxxxxxxxxxxxxxxxxxxx>, me@xxxxxxxxxxx
says...

Ive set up a default SBS install, except with a single nic

Ive placed a rogue PC on the network, which has no credentials (user,
computername, domain etc) to access SBS, the rogue PC network folders are
populated with SBS file shares!!!!!! AND I can make alterations to 80% of
those shares including DELETE of user added folders and files.

Can someone tell me what on earth is going on please. This is a pull the
plug senario!

Well, it would seem that you are using the same user account name and
the same password on that computer as you have in the domain.

Most administrators use uncommon/strict passwords.

Maybe you misunderstand how Windows networking permissions work - if you
have a computer with a user/password and connect to it from another
computer using the same user/password, it will authenticate as that
user/password and allow the same access as if you were the user.

So, if on the SBS Server you setup shares, give a quality password to
the administrator account, give quality passwords to the other accounts,
now you take a PC that doesn't have the same user/password combination
as any of those SBS accounts, you won't be able to access the shares at
all.

If you can access them with a unknown user account, then it means you've
enabled the GUEST account and we all know that's a mistake no matter how
you look at it.

--

spam999free@xxxxxxxxxx
remove 999 in order to email me

.

---

• Follow-Ups:
  • Re: SBS shares. Theres no security
    • From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]

• References:
  • SBS shares. Theres no security
    • From: Jonathan Davey

• Prev by Date: Re: Urgent! New router and big disaster
• Next by Date: Re: Open Licence
• Previous by thread: Re: SBS shares. Theres no security
• Next by thread: Re: SBS shares. Theres no security
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: SBS shares. Theres no security ... Enable object access on the SBS box and enable them specifically on those shared folders.. ... drill down through those shared folders. ... I had thought that the Admin account on the rogue client might have had the same password as that of Admin on SBS. ... (microsoft.public.windows.server.sbs) Re: SBS shares. Theres no security ... Go into the event log on the server, open up the security tab, and montor when you boot that system. ... No, the rogue PC does not have a "local" user account in common with SBS, nor a domain nor Device Account. ... (microsoft.public.windows.server.sbs) Re: SBS shares. Theres no security ... No, the rogue PC does not have a "local" user account in common with SBS, ... have a computer with a user/password and connect to it from another ... (microsoft.public.windows.server.sbs) Re: SBS shares. Theres no security ... I had thought that the Admin account on the rogue client might have had the ... same password as that of Admin on SBS. ... USER account, manually configured. ... (microsoft.public.windows.server.sbs) RE: cannot log on to user account following password change ... cannot log on to user account following password change ... I changed the username on the account in ... | on the sbs box. ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)