Question

Locked

Security

By tktesfaye ·
Hi
I have a question for you. How do you prevent IT staff with administrator privilege accessing your PC remotely using the C$ command

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Eh?

by OldER Mycroft In reply to Security

Why would you bite the hand that feeds you?

Collapse -

Submit your resignation!

by 1bn0 In reply to Security

Works every time.

If the IT staff have access to the computer than it is obviously not YOURS and beleongs to the company.

The first question that comes to mind is "What are you trying to hide"?

Maybe you should resign before you get fired for whatever illicit purpose you are mis-using the companies equipment?

Collapse -

Prepare to get "IT"

by technogeek-1995 In reply to Security

Prepare to get "IT!" You have unleached the inner beast in this form by tring to rid Admin. Almost everyone on here is IT administrators.


<Typo>

Collapse -

But to answer the question

by bens In reply to Security

If you are using XP w/ the SP2 Firewall, the C$ is being controlled via File & Print Sharing. This is listed as an Exception in the Windows Firewall. If checked, C$ becomes remotely available and by default it is available to anyone with domain admin rights on the subnet you reside on. So if you goto Windows Firewall in the Control Panel > Select Exceptions Tab > Edit File/Print Sharing > Change Scope. Doing this for all ports allows only certain IPs to incoming File/Print Sharing Ports.

Be careful with this, you could potentially disable/break other incoming communication that require those ports. Then again, if your admin was ahead of the game....you couldn't alter the firewall anyway...

That being said, as an admin, I use C$ to remotely SUPPORT troubles which leads to faster recovery. If I had a user that disabled this (which they can't) it would take me longer to resolve the issue - or pretty much they are screwed until I have the time to show up... See where I am going with this?

Collapse -

And if a user attempted this here

by 1bn0 In reply to But to answer the questio ...

They would find themselves unable to log on again until they completed a Network Access Request. Please note these take one week to process.

Collapse -

And if a user did that here

by OH Smeg In reply to But to answer the questio ...

They would be unable to gain access tot he network and anything from a week to 10 days latter when a Tech can turn up to fix the stated problem the person would find that they are permanently disconnected from the Company Network as they would be terminated on the spot by HR when the Tech reports that the computer has been messed with.

But then again this couldn't be done here as that option isn't available to the end users.

But you need to consider Computer Usage Policies as many places terminate end users for playing with the settings on Company Computers. They only get to use the computer for their work they do not own it or have any right to privacy on Company Supplied computers.

If our end users want to surf the Kiddy Porn Sites they can do it from home not the companies hardware or Internet connection as we are unwilling to support criminals.

Col

Back to Security Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums