Disabling Network Browsing

[Guest]

I am looking for ways to improve security in a small office using Windows
Networking.

Is It possible for a NT PC to share a Folder, but Disable the "Browsing" of
that resource by other computers on the LAN?

 

[Malke]

I am looking for ways to improve security in a small office using Windows
Networking.

Is It possible for a NT PC to share a Folder, but Disable the "Browsing" of
that resource by other computers on the LAN?

You mean you only want certain users to have access to the folder? It
has been a long time since I worked with NT4 but you would do this by
setting permissions based on user accounts.

Post back with a more exact description of what you want to do,
including the operating system on the workstations (XP Pro? Home?) and
if your "NT PC" is a server or just an old machine running NT4 being
used as a pseudo-server.

Malke

 

[Guest]

You mean you only want certain users to have access to the folder? It
has been a long time since I worked with NT4 but you would do this by
setting permissions based on user accounts.

Post back with a more exact description of what you want to do,
including the operating system on the workstations (XP Pro? Home?) and
if your "NT PC" is a server or just an old machine running NT4 being
used as a pseudo-server.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

I realize that access can be restricted with Named User accounts and
Passwords. but that has not been implemented in this environment.

The OS of the workstation containing the shared folders is "XP Pro".
Clients include Win98, XP-Home and XP Pro.

All clients on the LAN can currently see all shared resources using Network
Neighborhood. I want to Hide some so they would only be available if the
client knew the specific "\\Server\Service"

I seem to recall back in the days of Win98 that the PC "serving the Files"
could be configured to disable "announcing" the services. I can't recall
specifics since that was so long ago. This "announcing" is what permits
other clients on the LAN from seeing the resources in Network Nighborhood.

Is there a way to prevent the workstation that is sharing the folders from
"announcing" that the resources are available in XP/XP Pro?

 

[Chuck [MVP]]

I am looking for ways to improve security in a small office using Windows
Networking.

Is It possible for a NT PC to share a Folder, but Disable the "Browsing" of
that resource by other computers on the LAN?

You can make any computer invisible to the browser, and still have an accessible
share, yes. A simple registry edit will do it.
<http://nitecruzr.blogspot.com/2005/05/hiding-your-server-from-enumeration.html>
http://nitecruzr.blogspot.com/2005/05/hiding-your-server-from-enumeration.html

But this is a form of Security By Obscurity. NTFS Permissions, properly
applied, would be a much more supportable solution. If you're not using Simple
File Sharing, that is.
<http://nitecruzr.blogspot.com/2005/09/server-access-authorisation.html>
http://nitecruzr.blogspot.com/2005/09/server-access-authorisation.html

--
Cheers,
Chuck, MS-MVP 2005-2007 [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.

 

[Guest]

Thanks Chuck, This worked exactly as I recall under Win98. It Hides the
entire server. It'd be nice id it could be made abit more granular (by
service/folder), but I am glad to see the capability still exists

I understand your other security comments as well, I don't have those
options in this particular case.

-Ed

I am looking for ways to improve security in a small office using Windows
Networking.

Is It possible for a NT PC to share a Folder, but Disable the "Browsing" of
that resource by other computers on the LAN?

You can make any computer invisible to the browser, and still have an accessible
share, yes. A simple registry edit will do it.
<http://nitecruzr.blogspot.com/2005/05/hiding-your-server-from-enumeration.html>
http://nitecruzr.blogspot.com/2005/05/hiding-your-server-from-enumeration.html

But this is a form of Security By Obscurity. NTFS Permissions, properly
applied, would be a much more supportable solution. If you're not using Simple
File Sharing, that is.
<http://nitecruzr.blogspot.com/2005/09/server-access-authorisation.html>
http://nitecruzr.blogspot.com/2005/09/server-access-authorisation.html

--
Cheers,
Chuck, MS-MVP 2005-2007 [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.

 

[Chuck [MVP]]

Thanks Chuck, This worked exactly as I recall under Win98. It Hides the
entire server. It'd be nice id it could be made abit more granular (by
service/folder), but I am glad to see the capability still exists

I understand your other security comments as well, I don't have those
options in this particular case.

Thanks for the feedback, Ed. Security is a never ending struggle, and not
everybody does have all of the options that they need. I hope that the
Invisibility setting is useful to you.

--
Cheers,
Chuck, MS-MVP 2005-2007 [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My email is AT DOT
actual address pchuck mvps org.