Hi, another security issue im having is detailed below:
The administrative shares (C$,D$,ADMIN$,etc) are available on this machine. For Internal networks these are normally turned on for administrative purposes. For Web server(s) these are normally turned off in order to solidify the possible entry points (since it is more exposed to attacks.). If you don't use them set HKLM\SYSTEM\CurrentControlSet\Services\l... to 0 to prevent creation of these shares. For more information, visit: http://support.microsoft.com/support/kb/articles/Q245/1/17.asp
Ive visited but the file doesnt exist in the registry, ive searched the net but this file and AutoShareWKS do not exist in registry. At the following location:
HKLM\SYSTEM\CurrentControlSet\Services... Can anyone give me a clue as to removing this vulnerability. Oh and please dont tell me i dont need to remove it as ive been hacked and once is enough, thanks. And cheers.
Tags: