General discussion


Hiding all the System Folders

By kdyck ·
I have a client that wants to secure their Windows 2003 and Windows 2000 servers by hiding ALL of the folders on the system drive. By all folders I mean even the Program Files, Windows (WINNT) and all their subfolders/file.
Will that cause instability issues with the server or other apps that might be installed on that server? I have never heard of hiding every file/folder on the system drive. If I do this will the server still run?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by 3xp3rt In reply to Hiding all the System Fol ...

Theoretically you can do that. But if you have applications installed on Program Files folder, and starting this application is mean writing in some configuration files, the users don?t have more access and they can?t run those applications.

Collapse -

by cmiller5400 In reply to Hiding all the System Fol ...

What are the servers used for? Just a thought but why not just use the ACL's to restrict rights to shares and folders instead of hiding them? I have built servers that were pretty locked down. As usual, only administrators have access to the c$, d$ etc shares, so make sure that no users are a memeber of the domain administrators group or the local administrators group, and that will lock out anybody not in that group from accessing these shares. There is a security template that you should look at to see if it fits your needs. I can't remember the specific name of it. If the servers file system security is designed correctly there is no need to "hide" the directories.

Collapse -

if the users are accessing the folders by shares use $. if they are accessing the server by console then use group policies to lock them out of everything. basically hide control panel, my computer, etc.. then put only programs they have access to on the desktop.

Collapse -

by C O R In reply to Hiding all the System Fol ...

You can lock users out so that they can't even view the contents of a folder... probably the better way to go rather than hiding the folders. Hiding them won't really add any security as someone who is determined enough will still be able to get to them.

Collapse -

by Nilt In reply to Hiding all the System Fol ...

Are they sharing the root and then want to restrict access to folders in the share or do they want this as a local policy? I don't think a local ploicy can be done; you can't restrict access to required system areas easily for obvious reasons.

If they're sharing, simply create a new directory on the root and share that instead. If they're restricting access locally then they have other issues; only trusted persons shouldhave local access to a server for obvious reasons.

Related Discussions

Related Forums