Secure File Sharing
Quick tip on securing your Windows Shared Folders
Written by Justin Browning
judstin1@bigpond.net.au
Windows XP's default settings for file sharing can be quite insecure becuase anybody can view or modify a shared folder on your network from anywhere in the world in fact.
I wrote this quick guide after I realized how much of a hole Windows XP left when you use shared folders on your network. This is by no means a detailed guide, but being aware of these things is always a good thing and can help you become more aware of security theats that exist for Windows users today.
Don't take this guide the wrong way, if you do use file sharing on your network and are using SIMPLE FILE SHARING and it works for you and security isn't a problem, then forget this guide.
DIFFICULTY: Intermediate
Step One - Turn OFF Simple File Sharing
This step is very simple, all you need to do is open up FOLDER OPTIONS which can be found in the control panel, scroll to the bottom and uncheck 'Simple File Sharing' .
|
Don't worry about this setting being a recommended setting, if you really didn't know what you were doing, you probably wouldn't have shared folders or a network at home anyway. |
Step Two - Setting your desired folder to be SHARED and modifying some properties
Find the folder that you wish to share and right-click it and select PROPERTIES, then select the SHARING tab. You will see a window such as this:
 |
 |
All you need to do here is select Share this folder so that your folder will become a shared folder on the network. |
To add a little more security, you might want to adjust the maximum number of users that can connect to this share. I'll select 2 here. (This is obviously dependent on how many computers will need access to this share, so adjust accordingly). |
Step Three - Changing your shares permissions
By clicking on the PERMISSIONS button, you will be presented with this window which will allow you to choose which users you want to give access to the share. For example, you might have 10 users on your network but only want to give the users from the ADMINISTRATORS group permission to view and modify its contents, this is what you can do:
 |
In our example, to set the Administrators as the users to connect, all we need to type is: syntax:{SERVER NAME} \ {GROUP NAME}. In our case, we will simply type "HOME\Administrators" (without quotes) Then click OK. |
 |
By doing this, it will assign ALL the users from the administrators group access to the shared folder. Here is where you can adjust exactly which permissions to give to this group such as:
READ: only allows a user to access and read the contents, but not to change it. |
Once you are finished here, just click ok and thats it as far as the basics are concerned with sharing a folder, limiting the amount of users to connect, and assigning which users can connect and their permissions.
Granted, you shouldn't be doing any of this if you are not completely sure of what you are doing and some experience in networking will definately help you with this. There is heaps more you can do with your shared folders but all I wanted to show you was just some of the basics, if you're feeling confident, go right ahead and experiment with some more of the options you have and check out the SECURITY tab for better handing of the security for that folder.
Have fun!