Setting up user accounts with strong passwords and
then applying shared-folder permissions on those accounts are the
necessary network security tasks, and in most small networks they also
suffice for achieving a decent level of security. However, when it comes
to securing your network, a healthy dose of paranoia is another good
“tool” to have at hand. For example, the properly paranoid network
administrator doesn’t assume that no one will ever infiltrate the
network, just the opposite: The admin assumes that someday someone will get access, and then he or she wonders what can be done in that case to minimize the damage.
One of the first
things these paranoid administrators do (or should do) is hide what’s
valuable, private, or sensitive. For example, if you have a shared
folder named, say, Confidential Documents, you’re simply begging
a would-be thief to access that share. Yes, you could rename the share
to something less inviting, but the thief may chance upon it anyway. To
prevent this, it’s possible to share a resource and hide it at the same time.
Even better, hiding a shared folder is also extremely easy to do: When you set up the shared resource, add a dollar sign ($) to the end of the share name. For example, if you’re setting up drive L: for sharing, you could use L$
as the share name. This prevents the resource from appearing in the
list of resources when you open a remote computer from the Network
window.
To show you how this works, check out Figure 1. In the Properties dialog box for the L: drive, you see that the drive is shared with the following path:
That is, the drive is shared on the computer named MediaPC with the name L$. However, in the folder window, you can see that drive L: doesn’t appear in the list of resources shared by MediaPC.
Caution
Hiding shares will work for the average user, but a savvy snoop will probably know about the $ trick. Therefore, you should set up your hidden shares with nonobvious names.
How do you connect to a
hidden share? You need to know the name of the shared resource, of
course, which enables you to use any of the following techniques:
Select Windows
Logo+R (or select Start, All Programs, Accessories, Run) to open the Run
dialog box, type the network path for the hidden resource, and click
OK. For example, to display the hidden share L$ on MediaPC, you would enter this:
In a Command Prompt session, type start, a space, the network path, and then press the Enter key. For example, to launch the hidden share L$ on MediaPC, you’d enter this:
Use the Map Network Drive command. In the Map Network Drive dialog
box, type the UNC path for the hidden share in the Folder text box.
For the details on mapping a shared folder.
For a hidden shared printer, when Windows 7 begins searching for available printers, click The
Printer That I Want Isn’t Listed and click Next. In the dialog box that
appears, type the network path to the hidden printer in the Printer text
box.