Jump to content

I need to review the security of all the shares on my domain

Guest miponte

By Guest miponte
in Windows 2003 Server

 Share

Recommended Posts

Guest miponte

Guest miponte

Posted
Posted

Hi there, i´ll try to explain my problem:

 

My network is going to be audited and I need to check the

security configuration of all the network shares i have on my domain

to see if just the groups and users that need to have access to each

share are the correctly configured.

 

Does anyone know any software, script, console or method that can

help me to achieve this without checking manually each share in each

server (it could take ages).

 

Thanks.

 

Miguel.

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Mathieu CHATEAU

Guest Mathieu CHATEAU

Posted
Posted

Re: I need to review the security of all the shares on my domain

 

Hello,

 

You may first scan to identify all network share, looking specially on

workstation (developpers, if you read me..)

 

I use this script:

 

 

'**************************************

If Wscript.Arguments.Count <> 1 Then

Wscript.Echo "Syntax error"

Wscript.Echo _

"cscript //nologo CreateGroups.vbs OU TO CHECK"

Wscript.Quit

End If

ouName = Wscript.Arguments(0)

 

 

Const ForWriting = 2

strComputerContainer = "ou=" & ouname & ",dc=MYDOMAIN,dc=COM"

Const SHUTDOWN = 12

 

Set objShell = CreateObject("WScript.Shell")

Set objContainer = GetObject("LDAP://" & strComputerContainer)

objContainer.Filter = Array("Computer")

 

 

For Each objComputer In objContainer

 

strComputer = Split(objComputer.Name, "=")(1)

 

If IsConnectible(strComputer, 1, 50) Then

'-----------------------

err.number = 0

Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _

strComputer & "\root\cimv2")

 

Set objItems = objWMI.ExecQuery("SELECT Name, Description, Path FROM

Win32_Share")

 

 

' Loop through each share on the computer...

For Each objItem In objItems

If objItem.Name <> "IPC$" and objItem.Name <> "C$" and objItem.Name <>

"ADMIN$" Then

wscript.echo strComputer & ":" & objItem.Name

End If

Next

 

Else

wscript.echo strComputer & ": not on the network"

 

End if

Next

 

 

Function IsConnectible(sHost, iPings, iTO)

 

If iPings = "" Then iPings = 2

If iTO = "" Then iTO = 750

 

 

Const OpenAsASCII = 0

Const FailIfNotExist = 0

Const ForReading = 1

 

 

Set oShell = CreateObject("WScript.Shell")

Set oFSO = CreateObject("Scripting.FileSystemObject")

sTemp = oShell.ExpandEnvironmentStrings("%TEMP%")

sTempFile = sTemp & "\runresult.tmp"

 

oShell.run "%comspec% /c ping.exe -n " & iPings & " -w " & iTO & " " &

sHost & ">" & sTempFile, 0 , True

 

Set fFile = oFSO.OpenTextFile(sTempFile, ForReading, FailIfNotExist,

OpenAsASCII)

 

 

sResults = fFile.ReadAll

fFile.Close

oFSO.DeleteFile(sTempFile)

 

 

Select Case InStr(sResults,"TTL=")

Case 0 IsConnectible = False

Case Else IsConnectible = True

End Select

End Function

 

 

 

 

--

Cordialement,

Mathieu CHATEAU

http://lordoftheping.blogspot.com

 

 

"miponte" <miponte@gmail.com> wrote in message

news:1190629920.447224.283290@k79g2000hse.googlegroups.com...

Hi there, i´ll try to explain my problem:

 

My network is going to be audited and I need to check the

security configuration of all the network shares i have on my domain

to see if just the groups and users that need to have access to each

share are the correctly configured.

 

Does anyone know any software, script, console or method that can

help me to achieve this without checking manually each share in each

server (it could take ages).

 

Thanks.

 

Miguel.

Guest Mathieu CHATEAU

Guest Mathieu CHATEAU

Posted
Posted

Re: I need to review the security of all the shares on my domain

 

If you accept commercial one:

http://www.permissionanalyzer.com/

 

Else you can use subinacl or other vbscript to list NTFS ACL

 

--

Cordialement,

Mathieu CHATEAU

http://lordoftheping.blogspot.com

 

 

"miponte" <miponte@gmail.com> wrote in message

news:1190629920.447224.283290@k79g2000hse.googlegroups.com...

Hi there, i´ll try to explain my problem:

 

My network is going to be audited and I need to check the

security configuration of all the network shares i have on my domain

to see if just the groups and users that need to have access to each

share are the correctly configured.

 

Does anyone know any software, script, console or method that can

help me to achieve this without checking manually each share in each

server (it could take ages).

 

Thanks.

 

Miguel.

Guest Tom

Guest Tom

Posted
Posted

Re: I need to review the security of all the shares on my domain

 

shareenum.exe ?

 

 

 

miponte wrote:

> Hi there, i´ll try to explain my problem:

>

> My network is going to be audited and I need to check the

> security configuration of all the network shares i have on my domain

> to see if just the groups and users that need to have access to each

> share are the correctly configured.

>

> Does anyone know any software, script, console or method that can

> help me to achieve this without checking manually each share in each

> server (it could take ages).

>

> Thanks.

>

> Miguel.

>

 Share
Go to topic listing
×
×
  • Create New...