#1 (permalink) | Guest

Is anyone running Ubuntu 7.04 and Vista on a network

The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.

Scenario
1 PC Running Vista 64 Home Premium
1 PC Running Ubuntu 7

Vista PC set up for use on private network, I have no shares configured.

From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.

Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.

Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.

Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.

regards
#2 (permalink) | Guest

RE: Is anyone running Ubuntu 7.04 and Vista on a network

You must have misunderstood what "no shares configured" means. It means you have not created any additional shares over and above the administrative shares. "Hidden" as in "hidden share" means "flagged with a special flag that directs the client not to display the share."

Also, if you had left UAC turned on you would not have been able to connect to the administrative shares. You would be able to connect other shares but those are restricted to administrators only and with UAC turned on administrators do not get administrative tokens when connecting from the network to stand-alone computers.

If you want to "hide" the Vista machine from the Ubuntu system either configure the firewall in the public profile or open the Network and Sharing Center and turn off network discovery.

---
Your question may already be answered in Windows Vista Security:
http://www.amazon.com/gp/product/047...otectyourwi-20

"mirdragon" wrote:

> The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.
>
> Scenario
> 1 PC Running Vista 64 Home Premium
> 1 PC Running Ubuntu 7
>
> Vista PC set up for use on private network, I have no shares configured.
>
> From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.
>
> Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.
>
> Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.
>
> Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.
>
> regards
#3 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

"mirdragon" <mirdragon@discussions.microsoft.com> wrote in message news:BEA28C04-C618-4A9C-B1F0-CD3B621A626C@microsoft.com...

> The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.
>
> Scenario
> 1 PC Running Vista 64 Home Premium
> 1 PC Running Ubuntu 7
>
> Vista PC set up for use on private network, I have no shares configured.
>
> From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.
>
> Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.
>
> Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.
>
> Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.

Further to Jesper's comments, the user connecting to the Vista machine from the Linux machine knew the admin username & passphrase for the Vista machine.
I assume this information isn't something you will be making readily available to everyone on your network?
This isn't a security breach at all.
#4 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

Sorry, I do think this is a security breach.

A hidden share is a hidden share and should not be viewable within network browsing, that is why they are called hidden for extra security.

Try connecting exactly the same way with exactly the same details from a Windows XP machine, and you'll find that this DOES NOT list these hidden shares.

Do it from a Linux box running Ubuntu 7 and you'll get everything. This only happens when connecting via Linux.

As for UAC, if you leave this active even though you are an administrator of the system, you might as well be a limited user, as it prevents a lot of stuff running properly.

"Iuvenalis" wrote:

> "mirdragon" <mirdragon@discussions.microsoft.com> wrote in message
> news:BEA28C04-C618-4A9C-B1F0-CD3B621A626C@microsoft.com...
> > The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.
> >
> > Scenario
> > 1 PC Running Vista 64 Home Premium
> > 1 PC Running Ubuntu 7
> >
> > Vista PC set up for use on private network, I have no shares configured.
> >
> > From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.
> >
> > Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.
> >
> > Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.
> >
> > Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.
>
> Further to Jesper's comments, the user connecting to the Vista machine from the Linux machine knew the admin username & passphrase for the Vista machine.
> I assume this information isn't something you will be making readily available to everyone on your network?
> This isn't a security breach at all.
#5 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

Nope, you misunderstand hidden share, it was never intended as a security feature, it was more of a housekeeping, keeping things looking clean standpoint.

A hidden share is marked as "hidden" by having a $ appended to it. The Windows OS sees the appended $ and treats it as hidden. The OS still sends the share in the list of shares for the share enumeration request. This has always been the case. Basically it is up to the OS or the application if it wants to display those shares once it sees the "hidden" flag.

This was pretty common in Windows NT, it is how computer accounts were "hidden" from display when you listed user accounts or if you just wanted to display computer accounts.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net

---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm

mirdragon wrote:
> Sorry, I do think this is a security breach.
>
> A hidden share is a hidden share and should not be viewable within network browsing, that is why they are called hidden for extra security.
>
> Try connecting exactly the same way with exactly the same details from a Windows XP machine, and you'll find that this DOES NOT list these hidden shares.
>
> Do it from a Linux box running Ubuntu 7 and you'll get everything. This only happens when connecting via Linux.
>
> As for UAC, if you leave this active even though you are an administrator of the system, you might as well be a limited user, as it prevents a lot of stuff running properly.
>
> "Iuvenalis" wrote:
>
>> "mirdragon" <mirdragon@discussions.microsoft.com> wrote in message
>> news:BEA28C04-C618-4A9C-B1F0-CD3B621A626C@microsoft.com...
>>> The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.
>>>
>>> Scenario
>>> 1 PC Running Vista 64 Home Premium
>>> 1 PC Running Ubuntu 7
>>>
>>> Vista PC set up for use on private network, I have no shares configured.
>>>
>>> From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.
>>>
>>> Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.
>>>
>>> Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.
>>>
>>> Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.
>> Further to Jesper's comments, the user connecting to the Vista machine from the Linux machine knew the admin username & passphrase for the Vista machine.
>> I assume this information isn't something you will be making readily available to everyone on your network?
>> This isn't a security breach at all.
#6 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

Security breach? Hardly - at best, it's another case of MS using "security by obscurity", except that it isn't even particularly obscure in this case. I think you will find that only Windows fails to display those "hidden" shares. I doubt MS even intended for this to be for security, probably just to keep things a little cleaner for non-admin types. AFAIK, there isn't any special hidden attribute attached to them beyond having the $ after the name, they are just hidden by convention in a MS network environment.

Besides **everyone** knows they are there, and that they are called <drive letter>$, so being hidden isn't helpful anyway. You still need credentials with the correct permissions to access them.

Regards,
Dave

"mirdragon" <mirdragon@discussions.microsoft.com> wrote in message news:88442B8E-6858-476D-A2AD-524A0768C802@microsoft.com...
> Sorry, I do think this is a security breach.
>
> A hidden share is a hidden share and should not be viewable within network browsing, that is why they are called hidden for extra security.
>
> Try connecting exactly the same way with exactly the same details from a Windows XP machine, and you'll find that this DOES NOT list these hidden shares.
>
> Do it from a Linux box running Ubuntu 7 and you'll get everything. This only happens when connecting via Linux.
>
> As for UAC, if you leave this active even though you are an administrator of the system, you might as well be a limited user, as it prevents a lot of stuff running properly.
>
> "Iuvenalis" wrote:
>
>> "mirdragon" <mirdragon@discussions.microsoft.com> wrote in message
>> news:BEA28C04-C618-4A9C-B1F0-CD3B621A626C@microsoft.com...
>> > The reason I ask is that I may have found a possible security flaw, but would appreciate it if anyone else who has the above operating systems can also check to see if this was a coincidence or is a flaw in Vista's security.
>> >
>> > Scenario
>> > 1 PC Running Vista 64 Home Premium
>> > 1 PC Running Ubuntu 7
>> >
>> > Vista PC set up for use on private network, I have no shares configured.
>> >
>> > From the Ubuntu desktop, I managed to browse the network, and select my Vista PC - because I am a local user on Vista with admin rights I entered my details and connected to the Vista PC.
>> >
>> > Usually you would get no shares available, but now all hidden admin shares were displayed for my drives, and every one was accessible.
>> >
>> > Surely this is incorrect, these shares should not show up in Ubuntu and should be fully hidden.
>> >
>> > Has anyone else come across this or can someone else test. If the results are the same and can see hidden shares when you're not supposed to, then surely this is one major security breach.
>>
>> Further to Jesper's comments, the user connecting to the Vista machine from the Linux machine knew the admin username & passphrase for the Vista machine.
>> I assume this information isn't something you will be making readily available to everyone on your network?
>> This isn't a security breach at all.
#7 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

"mirdragon" <mirdragon@discussions.microsoft.com> wrote in message news:88442B8E-6858-476D-A2AD-524A0768C802@microsoft.com...
> Sorry, I do think this is a security breach.
>
> A hidden share is a hidden share and should not be viewable within network browsing, that is why they are called hidden for extra security.
>
> Try connecting exactly the same way with exactly the same details from a Windows XP machine, and you'll find that this DOES NOT list these hidden shares.
>
> Do it from a Linux box running Ubuntu 7 and you'll get everything. This only happens when connecting via Linux.
>
> As for UAC, if you leave this active even though you are an administrator of the system, you might as well be a limited user, as it prevents a lot of stuff running properly.

It isn't a security breach. Others have explained hidden shares better than I could. But remember,

***you are connecting to the Vista PC using the admin username & passphrase***

If an attacker didn't have this information they would not be able to connect to the admin shares. So, anyone connecting an Ubuntu machine without knowing the admin login details would not be able to access.

As for UAC I still have mine enabled. For general use on this machine I get ZERO UAC popups, I'm not sure what apps you're using? I run browsers, email, games, office apps, graphics apps, DVD & audio ripping, DVD - Xvid apps on a daily basis & none give me UAC pop ups. I get a pop up when I run True Image every week. For daily backups I use Robocopy which doesn't give you a UAC popup. I tend to view Event Viewer once a week or so if I think it necessary & that gives a pop up.

So, what is it that you run that cannot run properly with UAC on?
#8 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

Joe Richards [MVP] wrote:

> hidden. The OS still sends the share in the list of shares for the share enumeration request.

In that case, it's very silly! If the enum is done by a local process with a connection over DCOM then it's fair enough, it's listing shares that it's exposing.

If it's showing up in a network browser, it defeats the whole point of the $ concept, which is to hide it from the browse request. Remember, it's not just C drives, it could be vast listings of a file server. You'd still have NTFS to get through, but it still defeats the whole point of them being "hidden".

--
Gerry Hickman (London UK)
#9 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

> If it's showing up in a network browser, it defeats the whole point of the $ concept, which is to hide it from the browse request. Remember, it's not just C drives, it could be vast listings of a file server. You'd still have NTFS to get through, but it still defeats the whole point of them being "hidden".

What point is it that you believe is being defeated?
#10 (permalink) | Guest

Re: Is anyone running Ubuntu 7.04 and Vista on a network

You missed the part where I said this was never designed to be a security feature but instead is used for housekeeping/display.

Say, and this is a real life example, I have a file server with 5000 home folder shares on it called user1$ through user2$ and I have 10 project shares on the server called proj1 through proj10. Some random user connects to the server by \\servername to get a list of the project shares, if MSFT didn't have the hidden mechanism the user would get a listing of 5010 shares instead of 10.

Your understanding or wish of what the $ concept is just needs to be readjusted. It isn't about hiding it from the browse request, it is a quick way to indicate to the client that the shares have been marked hidden which is a guideline and a guideline only, to not display. If MSFT intended for that to be a security feature, you can rest assured they wouldn't be sending those share names when requested. It is simpler not to send them than to not display them when they have been sent.

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net

---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm

Gerry Hickman wrote:
> Joe Richards [MVP] wrote:
>
>> hidden. The OS still sends the share in the list of shares for the share enumeration request.
>
> In that case, it's very silly! If the enum is done by a local process with a connection over DCOM then it's fair enough, it's listing shares that it's exposing.
>
> If it's showing up in a network browser, it defeats the whole point of the $ concept, which is to hide it from the browse request. Remember, it's not just C drives, it could be vast listings of a file server. You'd still have NTFS to get through, but it still defeats the whole point of them being "hidden".
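The behaviour discussed in this thread, as an added example that is not part of any post: the server returns every share name, and hiding names that end in `$` is a display choice made by the client. The sketch below audits a share listing from the defender's side; the listing is constructed and laid out like `smbclient -L` output, and the function names are hypothetical.

```python
import re

# Constructed sample (not captured from a real host), laid out like the
# share table a Linux client prints after an authenticated listing.
SAMPLE_LISTING = """\
    Sharename       Type      Comment
    ---------       ----      -------
    ADMIN$          Disk      Remote Admin
    C$              Disk      Default share
    D$              Disk      Default share
    IPC$            IPC       Remote IPC
    user1$          Disk      Home folder
    proj1           Disk      Project files
    Public          Disk
"""

# One table row: share name, share type, optional comment.
ROW = re.compile(r"^\s*(\S.*?)\s+(Disk|IPC|Printer)(?:\s+(.*))?$")
# Built-in administrative shares: ADMIN$, IPC$ and <drive letter>$.
DEFAULT_ADMIN = re.compile(r"^(ADMIN|IPC|[A-Z])\$$", re.IGNORECASE)


def parse_listing(text):
    """Return one dict per share row; header and separator rows are skipped."""
    shares = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            shares.append({"name": m.group(1), "type": m.group(2),
                           "comment": (m.group(3) or "").strip()})
    return shares


def classify(shares):
    """Split what the server sent into what a $-filtering client shows or hides."""
    report = {"sent_by_server": [], "shown_by_filtering_client": [],
              "hidden_by_convention": [], "default_admin": []}
    for share in shares:
        name = share["name"]
        report["sent_by_server"].append(name)
        if name.endswith("$"):
            # Hidden only because the client chooses not to display it.
            report["hidden_by_convention"].append(name)
            if DEFAULT_ADMIN.match(name):
                report["default_admin"].append(name)
        else:
            report["shown_by_filtering_client"].append(name)
    return report


if __name__ == "__main__":
    for key, names in classify(parse_listing(SAMPLE_LISTING)).items():
        print(f"{key}: {', '.join(names)}")
```

Every name under `hidden_by_convention` was still sent by the server, so access to those shares rests on the credentials and permissions checked at connect time, not on the `$` suffix.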