DATE: COMMAND SOURCE: AUTHOR: Netware SYSTEMS AFFECTED Win 95 PROBLEM The following text is Paul Brainard copyright. With Remote Administration and File Sharing for Netware Networks enabled on a Windows 95 machine, once a remote administrator accesses the system, a shared resource pointing to the hard drive is created to which all users on the same network have access. This share remains available even after the administrator logs off the system. The shared drive is not visible by browsing through the Explorer, but may be found by mapping a network drive to \\computername\C$. This gives read-only access to the entire local hard drive of the sharing computer. EXPLOIT SOLUTION Defending against this problem is a common sense issue that requires a bit of dicipline and dilligence. DON'T ALLOW YOUR NETWORK ADMINSTRATORS TO LOG ON TO WORKSTATIONS WITH THE "ADMINISTRATOR" ACCOUNT UNDER ANY CIRCUMSTANCES. KILL HIM IF NECESSARY. This simple policy will also help prevent against password cache attacks. Remember, when you log on to a standard Windows workstation, you user passwords are cached -- unless this feature has been disable.