No good can ever come of that statement....
________________________________ From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Monday, September 29, 2008 5:11 PM To: NT System Admin Issues Subject: RE: wwwroot shared?! Concern? Why, not sure... I'm sure it made my developers life easy so she can access it from here PC. (It's not in a DMZ). ________________________________ From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Monday, September 29, 2008 6:02 PM To: NT System Admin Issues Subject: RE: wwwroot shared?! Concern? There's no magic with the NTFS permission on the wwwroot folder. And the simple act of sharing a folder doesn't change the NTFS permissions either. That said, enabling SMB sharing on a production web server is a bit of a security risk. Why have these things enabled if you don't need them? Cheers Ken From: Sam Cayze [mailto:[EMAIL PROTECTED] Sent: Tuesday, 30 September 2008 1:36 AM To: NT System Admin Issues Subject: wwwroot shared?! Concern? During a scan/audit, I found a webserver in which my developer turned on sharing for the wwwroot folder. I remember reading that this was a big no-no, since permissions on that folder should never be modified... However, I can't find anything to back up that claim right now. Any arguments I can use to for justification to not allow this? Tia, Sam ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
