Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
curwin

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 10
Reply with quote  #1 
For security purposes, we want to prevent our users from accessing the C drive on their computers and on the terminal servers. These users are *not* local admins on either their workstations or the servers.

We have implemented the following Group Policy settings:

- Remove Run Menu from Start Menu
- Hide these specified drives in My Computer - Restrict C drive only
-Prevent access to drives from My Computer  - Restrict C drive only

This does prevent the users from accessing the C drive from Windows Explorer.

However, if they enter \\127.0.0.1\c$ or \\localhost\c$ they can access the C drive from any of these ways:

Internet Explorer / Edge

Chrome

A link in Microsoft Word

How can I prevent this? I repeat - they are not admins in any form, and yet they can access the C drive via the administrative share. (I am also not the only person reporting this problem).

I would be happy to block access to any UNC paths (as long as I can still map drives for them), or to prevent or misdirect 127.0.0.1/localhost. But nothing I have tried works, and I really need to prevent this.

Any ideas? It's most important for me to find a way to block this on Windows 10 Enterprise, but it seems to be an issue in various Workstation and Server operating systems.

Thanks,

David
0
wkasdo

Avatar / Picture

Administrator
Registered:
Posts: 183
Reply with quote  #2 
Not tested, but this looks promising as an approach: https://social.technet.microsoft.com/Forums/office/en-US/b168408e-a540-4e3a-92cc-3121486ceb78/admin-shares-available-to-nonadministrative-users-over-loopback-address?forum=winserversecurity
__________________
[MSFT]; Blog: https://blogs.technet.microsoft.com/389thoughts/
0
curwin

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 10
Reply with quote  #3 


Yes, I also just found that link. The registry fix seems to work. Thanks!
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation: