Re: What Are These Shares(Remote Admin/Remote IPC)?

["Alex Lomas" <[EMAIL PROTECTED]>]

> are these neccessary..? I don't do any remote administration on/to this
> host
> (Win2kPro).

A 2k/XP box always has admin shares - they're hidden (hence the $). I
believe you can delete the IPC$ share but it always comes back after a
reboot. I have heard of attempts being made to brute force accounts using
IPC$ as it's used in authentication and RPC (I think).

You may also find a print$ share on the machine if you have a shared
printer - this is used to store printer drivers so that remote clients can
seemlessly install the correct drivers when they connect (kinda neat but
world readable I think!)

--Alex

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------