-2

I have a dedicated server with a public. I was having issues getting webdav working so I thought I would try to net use the drive and see if that worked.

It did work and I have a mapped drive to my public server's c drive.

Should I not do this? Is it secure?

I didn't want to be opening up my server inadvertently so I figured I'd ask what I'm getting myself into by going in to the server this away.

clarification

I was able to net use w: \\myip\c$ using my administrator username and password. I do not have any other shares open.

ErocM
  • 226
  • 7
  • 23

1 Answers1

1

You didn't provide a lot of details on the configuration of the server or whether or not you're using the Windows Firewall or have another firewall in place but a cursory glance at your question tells me that you've got a serious security issue. If you're able to map a drive from an external computer to a share on the server from across the internet then I'd say that the server is dangerously exposed and I'd caution you to address it pretty quickly.

Can you give us more detail on your configuration? Firewall, etc.?

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • I was able to net use \\myip\c$ using my administrator username and password. I have windows firewall turned on. Sorry, I should have included this. What else did you want to know? – ErocM Nov 08 '12 at 22:19
  • And you've made this connection from a computer that's not connected to the same LAN? You connected from one location to the server over the internet? – joeqwerty Nov 08 '12 at 22:23
  • yes, using the ip address – ErocM Nov 08 '12 at 22:28
  • OK. That's a problem. You don't want your server open to that type of communication (SMB and RPC) from external computers. Are you sure that the Windows Firewall is active? What network profile is the server configured for? – joeqwerty Nov 08 '12 at 22:31
  • I have Domain, Private, and Public all set to on. All three have inbound connections set to Block and outbound connections set to Allow. Network discover and file sharing are turned off. My network is set as a Public Network. Did that answer your question? – ErocM Nov 08 '12 at 22:39
  • Yes it did. The Public firewall profile is the most restrictive and if your network location is set to/listed as Public then I don't get how you're able to map a drive to the hidden Administrative share for the C: drive. Do you have a VPN connected between the remote computer and the server? Have you modified any firewall rules? Have you installed any Roles or Features? – joeqwerty Nov 08 '12 at 22:42