Basic IT Security #6|淺談資訊保安 #6

victorier (66)in #cn • 7 years ago

Hello everyone! Thanks for your support on the IT security series. Do you remember last time we have discussed about the shared folder problem in the network? Yes, you have to properly configure the access right of the shared folder in order to prevent unauthorized access to your information. And I have got some question on do it has a convenient way to discover are there any shared folder was accidentally shared out in the network. The answer is yes.

大家好！很感謝大家對資訊保安系列一直以來的支持。不知道大家記不記得上一次我們討論過本地網絡上的共享文件夾功能？是的，我們要好好的設定它的訪問權限以防止別人可以接觸到我們的私人資料。而有一些朋友在問我，有沒有什麼方法可以更方便的檢查有那些資訊在本地網絡中被分享了，答案是有的。

Do you remember in the first post of the IT Security, I have introduced a tools - NetScan for you? The tool is designed for the network scan, and actually it has a lot of parameters you can set to perform an advance scan and this time, please let me show you how to discover the shared folder in your network.

不知道大家記不記得我在這個系列中的第一個帖子中曾經分享過一個工具，叫做NetScan？這個工具是專門為了網絡掃描而設計的軟件，裏面其實有很多不同的參數可以讓你自己設定。而今次，就讓我跟大家分享一下描掃共享文件夾的設定吧。

First, after you open the application, you should go to Options, and select Program Options:

首先，在你開啟軟件後先按Options，然後再選Program Options:

After that, go to the Shares tab and you can see that there are a lot of option. For the screen below, I have chosen the simplest options which just scan any share folder with the authorization right as my current account. And you can see that you can even specify the user permission and scan other shared item. You may test it by you own for those advance features.

然後，再去Shares的頁面，你可以看到當中有很多不同的選項。以下面的截圖為例，我選擇了最簡單的掃描共享文件夾，然後權限就算了我目前的權限。不過，你也應該看得到其實你可以選擇特定的權限或是掃描更多別的東西，你可以自己試一試更多高級的功能。

After the setup, you may just simply start to scan according to the step which is mentioned in my previous post. You can see the list of machine scanned as the screen capture below, and you can see the + icon before some machine, which means that there are shared resources. You may just click on the + icon.

當你設定好了之後，你可以根據我之前帖子中介紹的步驟開始掃描了。你可以參考下面的截圖來看一看掃描的結果，你可以看到，有一些機器的前面有一個+的符號，這說明這台機器有共享文件夾分享了出來，你可以按+來打開列表。

And the shared folder would be comes up. You may take below screen capture as a sample. There are mainly two icon you can see, one is a lock icon, one is the folder icon.

按下後，共享文件夾的列表就被打開了，你可以參考下面的截圖，主要會有兩種圖案，鎖頭的跟資料夾的。

For lock icon, which means that there are shared folder but you don’t have the permission for your current account, which is good.

鎖頭的圖案是指這個文件夾被分享在網絡上，但是你當前的權限沒有辦法打開，這很正常。

For the folder icon, which means that there is shared folder which you can access to it. You may not have the access right for the sub-folder, but you can still access the list of it.

而資料夾圖案的是指你能夠進入這個資料夾。你可能不能再進入當中的子資料夾，但是你也能夠看得到列表。

If you think clicking the icon one by one taking you so much time, you may just click the icon as shown below:

如果你覺得要一個一個的按太浪費時間的話，你可以按下圖的圖按:

Which will help you to expand the entire tree for the share folder of all your scan result.

它會幫你把掃描結果中所有的列表都打開來。

And if you have any doubt on the folder permission, just right click on the folder and select Property:

如果你對這些資料夾的權限設定有所疑慮，你可在資料夾的上面按下右鍵，然後選擇Property:

Then you can continue you permission checking as those normal OS operation.

然後你就可以使用平常操作系統中的方法來查看它的權限了。

And that it the end of today’s tutorial I think. You can have a try in your home or even in your office to see if there is any confidential information shared out. If yes, you can be a good person to remind your colleague to correct it. Or if you are bad enough, you may start to do something bad, but that is not suggested XD.