0

Here is what I am trying:

Launch ami-c98d55a0 with t1.micro size and a security group with inbound tcp ports 139, 445, 3389 open.

Using paping, I get a response on port 3389 but not 139 and 445, so I remote desktop into my instance and turn off the firewall completely.

I then try the following in cmd.exe on my local machine (Windows 7 Home Premium 64-bit), running as Administrator.

C:\Windows\system32>psexec \\ec2-XX-XX-XXX-XXX.compute-1.amazonaws.com -u Administrato
r -p "XXX" cmd.exe

PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

Couldn't access ec2-23-20-216-189.compute-1.amazonaws.com:
The network path was not found.

Make sure that the default admin$ share is enabled on ec2-23-20-216-189.compute-
1.amazonaws.com.

I am very new to windows server administration, so I am not too sure where to go from here. I am getting a lost trying to figure out how to enable the default admin$ share.

EDIT: So I guess this is a very bad idea. Can you recommend a method? I need to run a bunch of .bat or a series of commands I can call from cmd.

oob
  • 215
  • 2
  • 6
  • I really have to question the wisdom of what you're doing, especially without significant prior experience with the OS. I feel your next question may well be related to how to repair the damage resulting from having your server compromised. – John Gardeniers May 08 '12 at 05:16
  • hey john. my plan is to run some scientific programs for an hour or two and then discard each instance. i am trying to get things up a running for now and then will focus on locking things down and turning the firewall back on. – oob May 08 '12 at 05:36
  • the risk is that you have that server publicly accessible but you, by your own admission, aren't very experienced with the OS. May I suggest you at least ask a more experienced person to help you with the server's security. There'a a whole lot more to it than just enabling the firewall. – John Gardeniers May 08 '12 at 07:34
  • @JohnGardeniers Did I say that I thought the only thing I needed to do was enable the firewall? I know there are other things. I have no help. I am sorry, but I can't help that. I am trying to get up and running with a prototype first, and then I will focus on security. – oob May 08 '12 at 14:40

1 Answers1

2

You at least need port 135 open as well.

That said, I don't know that I would suggest putting a Windows machine on the Internet with all of those ports open. Can you at least have the firewall limit those open ports to your local system's IP?

wfaulk
  • 6,878
  • 7
  • 46
  • 75
  • yeah i could try that. basically, i'm going to be using it for some scientific computing and only hope to have each machine exist for an hour or so. – oob May 08 '12 at 05:36