RE: wwwroot shared?! Concern?

2008-09-29 Thread Sam Cayze 
SVN, yes...



From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 29, 2008 7:18 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?



Do you have a source control/build system?

 

Cheers

Ken

 

From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 30 September 2008 10:11 AM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?

 

Why, not sure... I'm sure it made my developers life easy so she can
access it from here PC.  (It's not in a DMZ).

 



From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 29, 2008 6:02 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?

There's no magic with the NTFS permission on the wwwroot folder.

 

And the simple act of sharing a folder doesn't change the NTFS
permissions either.

 

That said, enabling SMB sharing on a production web server is a bit of a
security risk. Why have these things enabled if you don't need them?

 

Cheers

Ken

 

From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 30 September 2008 1:36 AM
To: NT System Admin Issues
Subject: wwwroot shared?! Concern?

 

During a scan/audit, I found a webserver in which my developer turned on
sharing for the wwwroot folder.

 

I remember reading that this was a big no-no, since permissions on that
folder should never be modified...  However, I can't find anything to
back up that claim right now.

 

Any arguments I can use to for justification to not allow this?

 

Tia,


Sam

 

 

 

 

 

 

 

 

 


 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: wwwroot shared?! Concern?

2008-09-29 Thread Salvador Manzo 
No good can ever come of that statement

 



From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 29, 2008 5:11 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?

 

Why, not sure... I'm sure it made my developers life easy so she can
access it from here PC.  (It's not in a DMZ).

 



From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 29, 2008 6:02 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?

There's no magic with the NTFS permission on the wwwroot folder.

 

And the simple act of sharing a folder doesn't change the NTFS
permissions either.

 

That said, enabling SMB sharing on a production web server is a bit of a
security risk. Why have these things enabled if you don't need them?

 

Cheers

Ken

 

From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 30 September 2008 1:36 AM
To: NT System Admin Issues
Subject: wwwroot shared?! Concern?

 

During a scan/audit, I found a webserver in which my developer turned on
sharing for the wwwroot folder.

 

I remember reading that this was a big no-no, since permissions on that
folder should never be modified...  However, I can't find anything to
back up that claim right now.

 

Any arguments I can use to for justification to not allow this?

 

Tia,


Sam

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: wwwroot shared?! Concern?

2008-09-29 Thread Ken Schaefer 
Do you have a source control/build system?

Cheers
Ken

From: Sam Cayze [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 30 September 2008 10:11 AM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?

Why, not sure... I'm sure it made my developers life easy so she can access it 
from here PC.  (It's not in a DMZ).


From: Ken Schaefer [mailto:[EMAIL PROTECTED]
Sent: Monday, September 29, 2008 6:02 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?
There's no magic with the NTFS permission on the wwwroot folder.

And the simple act of sharing a folder doesn't change the NTFS permissions 
either.

That said, enabling SMB sharing on a production web server is a bit of a 
security risk. Why have these things enabled if you don't need them?

Cheers
Ken

From: Sam Cayze [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 30 September 2008 1:36 AM
To: NT System Admin Issues
Subject: wwwroot shared?! Concern?

During a scan/audit, I found a webserver in which my developer turned on 
sharing for the wwwroot folder.

I remember reading that this was a big no-no, since permissions on that folder 
should never be modified...  However, I can't find anything to back up that 
claim right now.

Any arguments I can use to for justification to not allow this?

Tia,

Sam
















~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: wwwroot shared?! Concern?

2008-09-29 Thread Sam Cayze 
Why, not sure... I'm sure it made my developers life easy so she can
access it from here PC.  (It's not in a DMZ).



From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Monday, September 29, 2008 6:02 PM
To: NT System Admin Issues
Subject: RE: wwwroot shared?! Concern?



There's no magic with the NTFS permission on the wwwroot folder.

 

And the simple act of sharing a folder doesn't change the NTFS
permissions either.

 

That said, enabling SMB sharing on a production web server is a bit of a
security risk. Why have these things enabled if you don't need them?

 

Cheers

Ken

 

From: Sam Cayze [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 30 September 2008 1:36 AM
To: NT System Admin Issues
Subject: wwwroot shared?! Concern?

 

During a scan/audit, I found a webserver in which my developer turned on
sharing for the wwwroot folder.

 

I remember reading that this was a big no-no, since permissions on that
folder should never be modified...  However, I can't find anything to
back up that claim right now.

 

Any arguments I can use to for justification to not allow this?

 

Tia,


Sam

 

 

 


 

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: wwwroot shared?! Concern?

2008-09-29 Thread Ken Schaefer 
There's no magic with the NTFS permission on the wwwroot folder.

And the simple act of sharing a folder doesn't change the NTFS permissions 
either.

That said, enabling SMB sharing on a production web server is a bit of a 
security risk. Why have these things enabled if you don't need them?

Cheers
Ken

From: Sam Cayze [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 30 September 2008 1:36 AM
To: NT System Admin Issues
Subject: wwwroot shared?! Concern?

During a scan/audit, I found a webserver in which my developer turned on 
sharing for the wwwroot folder.

I remember reading that this was a big no-no, since permissions on that folder 
should never be modified...  However, I can't find anything to back up that 
claim right now.

Any arguments I can use to for justification to not allow this?

Tia,

Sam






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

wwwroot shared?! Concern?

2008-09-29 Thread Sam Cayze 
During a scan/audit, I found a webserver in which my developer turned on
sharing for the wwwroot folder.
 
I remember reading that this was a big no-no, since permissions on that
folder should never be modified...  However, I can't find anything to
back up that claim right now.
 
Any arguments I can use to for justification to not allow this?
 
Tia,

Sam

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~