Shared folders

wrote:
> Well you know how you can use remote desktop on a network. You just
> type in the computer name and login. But you can also type in an IP
> address when you are not on that network.

Yes, if someone has opened up remote desktop through the firewall/router.

> Does the same apply for
> shared folders?

It can be, yes....

> If it did that would be awesome.

No, it would actually be the equivalent of running with scissors.You don't
want to open up file/printer sharing access from outside your network unless
it's via a VPN (virtual private networking) connection.

> Also, if this is
> possible, what (if any) ports would I need to forward on my router?

TCP 139, if you really want to get hacked.

>
> (One thing about me: When I post questions, I want answers, not
> alternatives. So don't tell me to use the "publish this to the web"
> thing or IIS or anything.)

Cool. One thing about me - when I volunteer my own time to answer people's
requests for free tech support in public newsgroups, I give them the best
and most appropriate answers I can....which may not always what they want to
hear. They're free to take the advice or leave it, as long as they do so
politely.

I'm sure you can't have intented your post to read as a demand, but
I suggest you tone it down a bit if you want people to help you.
 >> Stay informed about: Shared folders 

The short answer to your question is: yes, you can share whatever you want
to everyone on the Internet with a little configuration on your side.

The proper answer is that yes, you can do what you ask, but it comes with
security caveats and unless you are ready to deal with the consequences or
learn how to avoid them - you'd be better off using some service where you
could store files on a remote server and allow those you wish to access them
through various secure means.


zachlr1 wrote:
> Well you know how you can use remote desktop on a network. You just
> type in the computer name and login. But you can also type in an IP
> address when you are not on that network.

You can do more than that - you can get yourself a free Dynamic DNS address
and all you have to do is remember the NAME (like zachlr1.dyndns.org) and
then you can use that instead to refer to your home computer. Of course
this can be more complicated dependent on your setup (broadbad routers, port
forwarding, firewalls... everything has to be configured to allow the
services you desire.)

> Does the same apply for shared folders? If it did that would be awesome.

In general - yes. The same does apply. I remember a long time ago when the
cable modems just started testing in my area I could 'sniff' the network and
find lots of 'open' machines. I could - because of defaults or because they
shared things out - see people's files and folders. Sometimes i would leave
friendly warnings on their desktops letting them know they might want to
secure their system a bit - since I could practically see every file on
their system and putr anything I wanted on there. So 'awesome' might not be
the term you want to use there - as sharing folders openly on the Internet
is generally dumb unless done properly/securely.

> Also, if this is possible, what (if any) ports would I need to forward on
> my router?

Port 139 would need to be opened through any firewalls/forwarded through any
routers to the machine in question for File sharing. Note that opening that
port could be more of an invitation than anything else. Doesn't matter if
you only give out the IP/name of the machine out to people you trust or
not - as my story from long ago demonstrates - if it is there - it can be
found. Tools to do such things have become much more sophisticated since
the time I did it way back then in the story I gave... It's easier and
faster and less technical knowledge is actually needed thanks to the tools.

> (One thing about me: When I post questions, I want answers, not
> alternatives. So don't tell me to use the "publish this to the web"
> thing or IIS or anything.)

You want answers, not alternatives? You realize - alternatives *are*
answers. I can tell you that you can open up port 139, you can use a
service like dyndns.com to make it easier to track possible IP changes so
you don't have to, that you can create a share and hand it out to people -
but that would be wreckless and stupid and doing you a dis-service.

You gain nothing out of someone just telling you that you *can* do
something. If that is all you wanted - you could have just researched it
(you can google search for the ports needed, etc.), tried it and gotten it
to work yourself (it would have) and not cared about the inherit dangers...
However - something prompted you to actually ask - which tells me you might
have had more questions than you put out there - or at least a lingering
doubt on something.

You cannot dictate how someone might respond to your post. It's not going
to happen. Putting it out there like you have makes you look more like you
don't want help than anything else. Sure - you might have been frustrated
with answers you received in the past - but they are just answers to
something you posted. They are not something you have tatooed on your body
or that you even have to read if you don't want to. The people who freely
offered you whatever advice they gave may/may not have meant to 'harm' you -
but seldom should that be plausible anyway unless you allow it to be.

I cannot see how your experience has been that bad thus far - unless you
posted under other aliases:
http://groups.google.com/groups/profile?enc_user=mwzzzhEAAADOP93WQwBgl..._fsUDaC

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html
 >> Stay informed about: Shared folders 

wrote:
> On Sep 22, 11:51 am, "Lanwench [MVP - Exchange]"
> wrote:
>
>>> Does the same apply for
>>> shared folders?
>>
>> It can be, yes....
>>
>>> If it did that would be awesome.
>>
>> No, it would actually be the equivalent of running with scissors.You
>> don't want to open up file/printer sharing access from outside your
>> network unless it's via a VPN (virtual private networking)
>> connection.
>>
>>> Also, if this is
>>> possible, what (if any) ports would I need to forward on my router?
>>
>> TCP 139, if you really want to get hacked.
>>
> So what you are saying is that forwarding 139 is basically a hack
> invitation?
> Even If I would tell it to friends who I know would not hack me?
>
> Knowing that I have no bank information, and very little personal
> information on my pc, what is the worst that could happen if I get
> hacked.

Plenty. It isn't just about you....someone can very easily turns your
computer into a zombie/attack vector to distribute malware/spam and lord
knows what else to innocent parties. Port 139 is probably the most
scanned-for and attacked port. To be blunt, it's just plain dumb and
irresponsible to leave your computer exposed like that, especially when you
have other options. VPN is a cinch to set up and mitigates the risk of all
this, significantly. Look into it if you want access to your files from
outside your own network. Even that isn't a guarantee, but you're at least
not hanging a big sign on your door that says "The key is under the mat!"

> If my pc gets messed up I just reinstall the os, and my files
> are on my secondary hd.

What makes you think the secondary HD is safe? What makes you think you'll
automatically know when your computer is "messed up" ?

>
>>
>>> (One thing about me: When I post questions, I want answers, not
>>> alternatives. So don't tell me to use the "publish this to the web"
>>> thing or IIS or anything.)
>>
>> Cool. One thing about me - when I volunteer my own time to answer
>> people's requests for free tech support in public newsgroups, I give
>> them the best and most appropriate answers I can....which may not
>> always what they want to hear. They're free to take the advice or
>> leave it, as long as they do so politely.
>>
>> I'm sure you can't have intented your post to read as a demand, but
>> I suggest you tone it down a bit if you want people to help you.
>
> No, I was not trying to be mean.

No, I'm sure you weren't. It just reads that way.

> It is just one thing that bothers
> me. When I ask a question on how to do something, and someone tells
> me to do something different. Just because they prefer the other way,
> doesn't mean I do to.

Sure. But when that happens, all you need to do is to politely thank them
for their
advice.... and decline to follow it. This is a public newsgroup, and
caveat emptor definitely applies.
 >> Stay informed about: Shared folders 

Well that is somewhat disappointing. I was really hoping that I would
be able to do that safely. Oh well.

What makes people want to hack random people's computers anyway?
Random is the key word there, they don't even know you or have
anything against you. What is wrong with people?

So does that mean that if someone is not on a router, and connected
directly to the internet, that they could get hacked the same way as
if you forwarded port 139?

Disregard the last paragraph of my first post. I wasn't trying to be
mean or anything. I was just angry at the time and somehow ended up
venting on google groups asking about shared folders. We've all been
in a bad mood before, just don't take it personally when things like
that get posted. I hope you understand and that that is cleared up.
 >> Stay informed about: Shared folders 

Oh and one thing I forgot:
I have the remote desktop ports forwarded on my router. Is this
safe? I have a password on my windows account, and it requires you to
log in so that end wouldn't be a problem. But would someone be able
to "hack" past that?
 >> Stay informed about: Shared folders 

wrote:
> Well that is somewhat disappointing. I was really hoping that I would
> be able to do that safely. Oh well.

Look into VPN, seriously. It's easy to set up and will give you at least
some degree of security. Ideally, your router/firewall can act as an IPSEC
VPN endpoint - but even if it can't you can use L2TP natively in WinXP, I
think.
>
> What makes people want to hack random people's computers anyway?

Bored teenagers (of all ages) going through a pituitary crisis? Who knows.

> Random is the key word there, they don't even know you or have
> anything against you. What is wrong with people?

It's not even *people* half the time- it's zombie machines that have already
been hacked. However, compared to, say, the Khmer Rouge purges, this sort of
childish activity doesn't really make me sit back & question the innate
goodness of people, I have to say.

> So does that mean that if someone is not on a router, and connected
> directly to the internet, that they could get hacked the same way as
> if you forwarded port 139?

Hell yeah.
>
> Disregard the last paragraph of my first post. I wasn't trying to be
> mean or anything. I was just angry at the time and somehow ended up
> venting on google groups asking about shared folders. We've all been
> in a bad mood before, just don't take it personally when things like
> that get posted. I hope you understand and that that is cleared up.

No, no offense was taken, and I hope my schoolmarmish reply didn't offend
either. I understand where you're coming from, but sometimes it's best to
leave stuff in your Outbox overnight before hitting Send, eh?
 >> Stay informed about: Shared folders 

wrote:
> Oh and one thing I forgot:
> I have the remote desktop ports forwarded on my router. Is this
> safe? I have a password on my windows account, and it requires you to
> log in so that end wouldn't be a problem. But would someone be able
> to "hack" past that?

Sure, with enough time and interest in doing so. But it's unlikely. Use good
long passwords (mixed case, some non-alpha characters) on your accounts
(including the built-in administrator account). And as mentioned consider
VPN.
 >> Stay informed about: Shared folders