Hello, I'm trying to implement a password protected file share between two
computers on a semi-open network (think college network). Both machines are
Windows XP Pro, but are in a common Workgroup (not domain). They can see
each other and ping just fine. When I create simple shares, the correct
folders are shared out and files are accessible, but they are public. I want
to restrict access to them.

To do this, I turned off simple file sharing. Then I set up a folder for
sharing. It's properly locked down in that when you try to access it via
\\machine\share, it prompts for authentication and responds correctly.
However, all these permissions can be bypassed by going to \\machine\c$ from
any other machine without any credential prompts. As far as I can tell, this
access is unrestricted, as I'm able to access all the server machine's My
Documents folders and files from another machine add/delete files, all with
NO credential prompts (the two machines share user account names, but the
passwords are different. I've rebooted several times to clear any possible
credential caches, but I'm never prompted for creds and full access is still
permitted).

On the root drive (c, I've checked my NTLM permissions - AFAIK "Everyone"
has been removed, users have read-only permissions, Administrators and SYSTEM
have full permissions. I can't change the sharing permissions because when I
do, I get a warning prompt that the folder is shared for administrative
purposes and that even if I disable the share, it will reactivate on reboot.
I've read elsewhere that disabling this is bad anyways.

Does the act of disabling simple file sharing and then sharing out a single
folder really cause your entire machine to be accessible via administrative
shares and bypassing NTLM permissions? Or am I completly misunderstanding
the NTLM security model?

FYI: Handle change.
FWIW, all local account (except guest) are P/W protected, Network Access:
Sharing and security model for local accounts in mscpol is set to Classic.


"Jeff" wrote:

> Hello, I'm trying to implement a password protected file share between two
> computers on a semi-open network (think college network). Both machines are
> Windows XP Pro, but are in a common Workgroup (not domain). They can see
> each other and ping just fine. When I create simple shares, the correct
> folders are shared out and files are accessible, but they are public. I want
> to restrict access to them.
>
> To do this, I turned off simple file sharing. Then I set up a folder for
> sharing. It's properly locked down in that when you try to access it via
> \\machine\share, it prompts for authentication and responds correctly.
> However, all these permissions can be bypassed by going to \\machine\c$ from
> any other machine without any credential prompts. As far as I can tell, this
> access is unrestricted, as I'm able to access all the server machine's My
> Documents folders and files from another machine add/delete files, all with
> NO credential prompts (the two machines share user account names, but the
> passwords are different. I've rebooted several times to clear any possible
> credential caches, but I'm never prompted for creds and full access is still
> permitted).
>
> On the root drive (c, I've checked my NTLM permissions - AFAIK "Everyone"
> has been removed, users have read-only permissions, Administrators and SYSTEM
> have full permissions. I can't change the sharing permissions because when I
> do, I get a warning prompt that the folder is shared for administrative
> purposes and that even if I disable the share, it will reactivate on reboot.
> I've read elsewhere that disabling this is bad anyways.
>
> Does the act of disabling simple file sharing and then sharing out a single
> folder really cause your entire machine to be accessible via administrative
> shares and bypassing NTLM permissions? Or am I completly misunderstanding
> the NTLM security model?