Enhancing network security with secret share technique

In Windows, peer-to-peer networks can share system resources. Examples of this in the workplace are coworkers sharing hard drive folders and printers.

To secure shared resources, Window's share-level systems allow users to assign passwords. Shared folders can also be restricted with access settings of read-only or full. For example, in order to share a folder that contains sensitive information, you can password-protect the folder, set access rights, and give the password to specific users.

Even if you use these tools to control access to a shared folder, everyone in the workgroup can see that folder in Network Neighborhood. In some situations, this could be considered a breach of security. Fortunately, there's a little-known Windows networking technique that allows you to enhance the existing security features by secretly sharing network resources.

Secretly Sharing a Resource

In order to secretly share a resource, simply append a dollar sign ($) to it's share name. When you do so, the resource doesn't appear in Network Neighborhood, but is readily available to those who know that it's there.

This provides an additional degree of privacy and security to shared resource. Furthermore, any access restrictions or passwords assigned to that shared resource remain in effect. Let's take a look at some examples.

Secretly Sharing a Folder

The following example explains how-to secretly share a folder in My Computer. You can use the same technique to secretly share a folder in Windows Explorer.

To begin, launch My Computer and select the drive and folder you want to share. Right-click on the folder, and select Sharing from the shortcut menu.

You'll see the folder's property sheet. At this point, select the Shared As option and enter a name that ends with $ in the Share Name text box. Then specify the access type and a password, if desired. Click OK. Figure A shows the share name Secret$ with full access dependent on a password.

Figure A: To secretly share a folder, append $ to the share name in the folder's Properties dialog box.

Accessing a Secretly Shared Folder

Once you've secretly shared a folder, you need to know how to connect to it from another system. To begin, launch Network Neighborhood. Normally, to connect to a shared folder, you simply select the host system from the Network Neighborhood list and then locate and connect to the shared folder. However, as I've explained, since the Secret$ folder is hidden, you won't see it in the shared folder list.

To connect to the secretly shared Secret$ folder, click the Map Network Drive button on the toolbar. (If you don't see the Map Network Drive button on the toolbar, select View/Folder Options from the menu bar. When the Folder Options dialog box appears, click on the View tab, select the Show Map Network Drive Button In Toolbar check box, and click OK.) In the Map Network Drive dialog box's Path text box, enter the, network path and share name in UNC format. As you can see in Figure B, I added the path and share name \\Sun\Secret$.

Figure B: To connect to a secretly, shared folder, you'll need to use the Map Network Drive dialog box.

To complete the connection, click OK. If you specified a password, you'll see an Enter Network Password dialog box. When you enter the password, Windows connects you to the secretly shared folder.

Secretly Sharing a Printer

Now that you know how to secretly share a folder, I'll show you how to secretly share a printer. Suppose that the system on which you want to set up the secretly shared printer is named Sun and it's equipped with an HP LaserJet IIIP Plus printer.

To begin, launch My Computer and open the Printers folder. Right-click on the HP LaserJet printer icon and choose Sharing from the shortcut menu. When you do, Windows displays the Sharing page of the HP LaserJet IIIP Properties dialog box. To share the printer, select the Shared As option and then, in the Share Name text box, enter a name that ends with $. You can also assign a password to the printer in the Password text box, as shown in Figure C.

Figure C: To secretly share a printer, append a dollar sign ($) to the printer's share name.

To complete the procedure, click OK. If you've assigned a password to the shared printer, you're prompted to confirm it.

Accessing a Secretly Shared Printer

Once you've secretly shared a printer, you need to know how to connect to it from another system. To begin, launch My Computer and open the Printers folder. Next, double-click on the Add Printer icon to launch the Add Printer Wizard. Select the Network printer option when the wizard asks how the printer is attached to your computer.

When the Add Printer Wizard prompts you for the path to the network printer, you have two choices: you can either click Browse and scan the workgroup for a shared printer to connect to, or you can enter the shared printer's network path using the Universal Naming Convention (UNC) format for accessing network resources.

Of course, if you click Browse and scan the workgroup, you won't see the secretly shared printer. As such, to connect to the secretly shared printer, you must use the UNC format for accessing network resources and add the dollar sign ($) to the resource name. For example, to access the secretly shared printer on our example system, Sun, you'd complete the Network Path Or Queue Name text box as shown in Figure D. When you've finished, click Next to continue the installation.

Figure D: To connect to a secretly shared printer you must use the UNC format.

If you've assigned a password to the printer, anyone attempting to use the printer will be prompted to enter the password. When you enter the password, Windows connects your system to the secretly shared printer.

Greg Shultz is a Senior Editor for ZD Journals. He writes the monthly tips and techniques journals, Inside Microsoft Windows 98, Inside Microsoft Windows 95 and Windows Professional. You can reach Greg at greg_shultz@zdj.com.