\[Editor's Note: Share your security discoveries, comments, problems, solutions, and experiences with products. Email your contributions (500 words or less) to [email protected] We edit submissions for style, grammar, and length. If we print your submission, you'll get $100.\]
To improve security on a Windows-based network, append a dollar sign ($) to your share names to hide shares from users. When you use this step in conjunction with tight NTFS and share permissions, you reduce incidental attempts by unauthorized users to click folders they shouldn't open. If users can't see the folders, they won't try to see what the folders contain. For authorized users, you can use a logon script to map the hidden share to a drive letter. Thus, only users who are authorized to access the folders will know the folders exist. Only technically savvy unauthorized users who know the exact path to the share can reach the restricted folders—and NTFS or share permissions will still deny these users access.