Slashdot Mirror


File and Printer Sharing Insecure in XP SP2

ProKras writes "German magazine PC-Welt has discovered a major security flaw in Windows XP SP2 when installing over SP1. The article says that 'with a certain configuration, your file and printer sharing data are visible worldwide, despite an activated Firewall.' The magazine claims they were 'able to discover private documents on easily accessible computers on the Internet' and that the configuration is fairly common."

2 of 368 comments (clear)

  1. Re:I'm shocked! by Curtman · · Score: 5, Interesting

    I thought this was already common knowledge. Grab a copy of any P2P software and spend a few minutes port scanning clients you see in it. I spent an afternoon printing warnings on people's printers, with instructions on how to disable file & print sharing. Its quite an amazing thing to witness. About half of them are wide open, and don't require any password to mount the C drive or print documents. smbclient is a really fun utility. :)

  2. Re:Slashdot and SP2 by Izago909 · · Score: 5, Interesting
    Dubious or not, the solution is something that most people should do by default:
    This error can be corrected by choosing "User defined List" and entering the IP addresses that are supposed to have access - the IP addresses of your LAN. A whole range of an IP area can be entered as "192.168.x.0/255.255.255.0", if the respective addresses start with 192.168.x.
    So we should not allow file and printer sharing beyod our local network. Who would a thought? They also recommend using a router with a firewall or a secondary software firewall. It's been a while since I used zone alarm, but the last version I tried didn't notify the user if a windows process tried to access the network. That's why I switched to Sygate. You'd be suprised what parts of windows want to transmitt data (like the file inexing serive) even though you aren't running them.