This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- General Discussions
- Security Lapses in LANsweeper
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2017 11:48 AM
in Lansweeper dashboard, when u select user PC , on the Left side u see Open C$, which means u can enter users C drive and as well as any drive in user computer, this is such a huge security loophole that anyone who comes to know will never purchase it.
can anyone help how to block such unacceptable loophole ?
Thanks & Regards,
Kaleem Basha
SAMCO
can anyone help how to block such unacceptable loophole ?
Thanks & Regards,
Kaleem Basha
SAMCO
Solved! Go to Solution.
Labels:
- Labels:
-
General Discussion
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2017 01:55 PM
That is not a Security vulnerability within LanSweeper. That is a vulnerability with the PC it's self. Those are the built-in Windows Administrative shares. That is dictated by an organizations security policy on whether or not those shares are turned off on the client PC's.
Some organizations do use these Administrative Shares to for various reasons and LanSweeper is simply adding the ability to open the share through Windows Explorer. This means that if the organization has locked down the Administrative shares, if the user attempting to access them does not have rights should not be able to access it.
Also, You can customize access to all of PC Actions on the Configuration --> Asset Pages page
Here is a link on how to turn off/disable the administrative shares:
http://www.sysprobs.com/disable-administrative-shares-windows-7-lets-data-secret
Nik
Some organizations do use these Administrative Shares to for various reasons and LanSweeper is simply adding the ability to open the share through Windows Explorer. This means that if the organization has locked down the Administrative shares, if the user attempting to access them does not have rights should not be able to access it.
Also, You can customize access to all of PC Actions on the Configuration --> Asset Pages page
Here is a link on how to turn off/disable the administrative shares:
http://www.sysprobs.com/disable-administrative-shares-windows-7-lets-data-secret
Nik
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-16-2017 01:55 PM
That is not a Security vulnerability within LanSweeper. That is a vulnerability with the PC it's self. Those are the built-in Windows Administrative shares. That is dictated by an organizations security policy on whether or not those shares are turned off on the client PC's.
Some organizations do use these Administrative Shares to for various reasons and LanSweeper is simply adding the ability to open the share through Windows Explorer. This means that if the organization has locked down the Administrative shares, if the user attempting to access them does not have rights should not be able to access it.
Also, You can customize access to all of PC Actions on the Configuration --> Asset Pages page
Here is a link on how to turn off/disable the administrative shares:
http://www.sysprobs.com/disable-administrative-shares-windows-7-lets-data-secret
Nik
Some organizations do use these Administrative Shares to for various reasons and LanSweeper is simply adding the ability to open the share through Windows Explorer. This means that if the organization has locked down the Administrative shares, if the user attempting to access them does not have rights should not be able to access it.
Also, You can customize access to all of PC Actions on the Configuration --> Asset Pages page
Here is a link on how to turn off/disable the administrative shares:
http://www.sysprobs.com/disable-administrative-shares-windows-7-lets-data-secret
Nik
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- 🐝Unlock Data Insights with Community Hivemind in Product Discussions
- Noetic Cyber Integration: Prioritize Security Risks for Remediation with Proactive C in General Discussions
- QR Code scanning issue in General Discussions
- Integration Update! Get the Lanweeper + Licenseware SAM Bundle – for Free! in General Discussions
- Are people finding this Risk Insight vulnerability interface in LS Cloud remotely usable? in Product Discussions
