• Using GFI LANguard to find open network shares

    04 Nov 2010

    Have you see what your users are sharing up on your network? What about your server shares – are they divulging too much PII and intellectual property to any Joe Blow on the network?

    Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.

    The reality is you cannot secure what you don’t acknowledge. How do you know what’s in your environment just sitting there for the taking? You could very well have experienced an internal data breach and not know anything about it.

    Enter GFI LANguard.

    I’ve used LANguard for years to uncover open shares on networks and it works just dandy for this purpose.

    Do yourself a favor and download the trial version of LANguard and run the share finder tool in your environment to see just what’s being shared out – and exposed. It’s as simple as the following:

    1. Select Launch Custom Scan
    2. Select Network & Software Audit
    3. Select the Share Finder profile
    4. Select Scan a range of computers or Scan a domain or workgroup and enter your network information
    5. Enter the login credentials of a basic user representative of most domain users in your environment
    6. Select Scan and let the tool do it’s thing
    7. Once complete, select Analyze scan results
    8. Select Results Filtering (upper left)
    9. Select Open Shares (middle left)
    10. Scroll down and look* for shares with permissions granted to BUILTINUsers or Everyone
    11. Login to the network with the basic user credentials from above and see what you can see. I’ve found both FileLocator Pro and Identity Finder to work very well for rooting out sensitive information. I also recommend manual browsing for files/content/context that automated tools may have trouble uncovering.

    That’s it!

    I cannot stress enough that sensitive files readily-accessible on open shares is one of the greatest risks on your network. It’s screaming for your attention right now. So track down your open shares, set permissions on a need to know basis or remove the shares altogether, and get your arms around this beast before it grows even larger.

    *I wish LANguard had the ability to filter down into open shares even further by only showing shares that are open to specific groups or users that you specify. It’s a hassle to have to manually sort through things… Hint, hint. 🙂

Resources

view all

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)
Read More

 

I’ve written/co-written 12 books on information security including:

 

Tags

application security appsec basics books careers censorship CISO CISSP cities compliance coronavirus covid-19 cybersecurity data breaches hacking Hacking For Dummies heads in sand health incident response information risk keynote speaker leadership macOS networked cameras passwords patching racing resilience Russian hacking SDLC security culture security leadership security program management security speaker selling security social engineering speaking engagements spec miata sql injection tiktok time management training vulnerability and penetration testing web security

© Copyright 2001-present, Principle Logic, LLC - All Rights Reserved.

For your convenience I accept