This note explains how to verify if your PC or network
are vulnerable to share aware threats, and how to stop that
vulnerability from exposing your system to unnecessary risks.
The large number of private users and enterprises that
get repeatedly affected by share-aware malware, like
Opasoft, Nimda,
and Klez, etc., despite having up-to-date
AV software in place, indicate how serious and widespread
the problem is.
'File and printer sharing' is the service that allows sharing
drive content and various resources by multiple users, over
the network. The service that allows the networking is a
different one, labeled 'client for Microsoft networks'.
In the following we offer a few tips how to minimize
the file sharing vulnerability.
If you have no local network, then the file and printer
sharing service should not be installed. Check
by right-clicking the network neighborhood icon and select
'properties'. Alternatively, open 'Network' in Control Panel
and remove the service if found.
If your PC connects to a local network, then check
the bindings for your external communication protocol.
If you use a modem for dial-up, then the protocol will be
marked "TCP/IP -> Dial-Up adapter".
Select the protocol (accessing the list of protocols is
the same as in the previous paragraph), click 'properties'
and verify that "file and printer sharing" is
not checked.
Uncheck 'file and printer sharing' if it is, then press
OK twice to exit back to the desktop. You will have to restart
the computer to have the change take effect.
If you use ADSL, or a cable modem, then the protocol that
you are looking for is the one used by the network adapter
that connects to the ADSL/cable modem. Proceed the same
way to stop file sharing through that protocol, by unchecking
the service in its bindings list, under 'properties'.
Another mistake that users commonly do is the sharing
of the entire system drive, usually C:. This condition
is often found in home networks or in small businesses,
where maintenance personnel may have set the sharing, without
understanding what they did wrong. Let's make it clear:
There exists almost no condition for which one needs sharing
the system directories! Yet doing so will expose the system
to unnecessary risks, of which viruses are only a small
percentage of.
To check if your system drive is shared, double click MyComputer
and look if the C: drive icon shows a hand holding it from
beneath. If you see the hand, then it means the drive is
shared.
If the system drive is other than C:, then check the other
drive icon instead of C:.
Sharing the entire system is always risky.
If you must share directories then always do it at the
sub-directory level, never share the entire drive, and never
share the system directory and/or its sub-directories.
To stop sharing the drive, right-click on the drive icon,
select 'sharing' and change from 'shared as' to 'not shared'.
To establish a desired share, right click the folder to
be shared, select 'sharing' and set the share type.
Lastly, tightening security on file sharing minimizes the
risks presented by threats that use sharing as their distribution
engine, existing ones, as well as new and future ones.
©NetZ Computing Manufacturers of InVircible
Back
