Windows file share with anonymous logon/access

We had a question put through about setting up a file share and allowing external public users access without requiring credentials. This is not a good idea from a security standpoint: anyone on the internet can potentially access the share and dump viruses and trojans on to it, opening up an entry point that could easily be exploited.

It was a requirement so we did a little research and the following is what we came up with:

  1. Right click on the folder you want to share; on the Share tab, note the Network Path
  2. Now go to Start, search for “Local Security Policy” and press Enter
  3. Expand “Local Policies” and then Click Security Options
  4. Find the Policy: “Network access: Let Everyone permissions apply to anonymous users” and set the setting to “Enabled” and click OK
  5. Now find the Policy: “Network access: Shares that can be accessed anonymously” and enter the Network path you noted in step one into the text box and click OK
  6. Now open Command Prompt, you can search cmd in the Start search and press enter
  7. Type the following command and press enter: gpupdate /force
  8. Now you should be able to access the share without needing to enter credentials, but anyone who tries to access another share will be prompted with the login dialogue box
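
To check a host for the two settings changed in steps 4 and 5, the PowerShell below reads the registry values that back those policies and lists the permissions on each share named there. It is an added example, not part of the original post; it assumes an elevated prompt and the SmbShare cmdlets (Windows 8 / Server 2012 or later), and `Get-RegValue` and `New-Finding` are helper names made up for this example.

```powershell
# Added audit example, not from the original post. Run from an elevated prompt.
# Assumption: SmbShare cmdlets are present (Windows 8 / Server 2012 or later).
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$server = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Yields $null when the value is absent instead of throwing.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

function New-Finding {
    param($Check, $Item, $Detail, [bool]$Risk)
    [pscustomobject]@{ Check = $Check; Item = $Item; Detail = $Detail; Risk = $Risk }
}

# Step 4: "Let Everyone permissions apply to anonymous users" (1 = Enabled).
$everyoneAnon = Get-RegValue $lsa 'EveryoneIncludesAnonymous'
New-Finding 'EveryoneIncludesAnonymous' 'Lsa' "value=$everyoneAnon" ($everyoneAnon -eq 1)

# Step 5: "Shares that can be accessed anonymously" (multi-string list).
$nullShares = @(@(Get-RegValue $server 'NullSessionShares') | Where-Object { $_ })
if (-not $nullShares) {
    New-Finding 'NullSessionShares' '(none)' 'no shares listed' $false
}

foreach ($name in $nullShares) {
    $share = Get-SmbShare -Name $name -ErrorAction SilentlyContinue
    if (-not $share) {
        # Listed in policy but no such share exists: stale entry worth removing.
        New-Finding 'NullSessionShares' $name 'listed but share not found' $true
        continue
    }
    New-Finding 'NullSessionShares' $name "path=$($share.Path)" $true

    # Flag Allow entries that let a client write, the case the post warns about.
    foreach ($ace in Get-SmbShareAccess -Name $name) {
        $writable = $ace.AccessControlType -eq 'Allow' -and
                    [string]$ace.AccessRight -in 'Full', 'Change'
        New-Finding 'ShareAccess' $name "$($ace.AccountName): $($ace.AccessRight)" $writable
    }
}
```

Rows with `Risk = True` are the ones to review; where the anonymous share is a genuine requirement, limiting its share permission to Read removes the write path.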

Again, we cannot emphasise enough how bad an idea this is, unless you have a genuine requirement for it and reduce the risk as much as possible.
By allowing unrestricted access you are opening an entry point that could easily be used, with a huge number of security issues, e.g.
http://www.windowsecurity.com/articles/anatomy-nul-attack.html

Thank You

Techtonis
