sken> if i've just installed WINDOWS 2000 OS w/ default setting, how hacker can sken> access my sharing folders and what hacker can do?
If you have no firewalls and NetBIOS was not blocked otherwise, I belive a hacker may use command like this one to map your drive C: as a local M: net use M: \\your_computer\C$ password /USER:your_login Of cause he will need to guess your password in order to perform such a task. IMHO, on default NT installation guessing a login is not a problem. Logins may be obtained through NULL-sessions die to IPC$ share opened for everyone. Since the password was guessed, hacker would have permissions like a user the account belong to. To disable default shares, edit registry as follows: In key HKLM\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Create or edit AutoShareWks or AutoShareServer (for server) value and set it with REG_DWORD 0 To disable IPC$ share, go to key HKLM\SYSTEM\CurrentControlSet\Control\LSA And create or modify REG-DWORD value RestrictAnonymous You'd better set it to 1. This will not disable null-sessions, but prevent anonymous users from gathering sensitive information like user accounts etc. The value 2 is completely disable NULL, but it may cause problems in connections with none-Microsoft software and older MS versions (FYI see Q246261). Hope this helps. -- Best regards, Martchukov Anton aka VH mailto:[EMAIL PROTECTED] --------------------------------------------------------------------------- ----------------------------------------------------------------------------