Deepak Shrestha wrote:
Not really a false expectation. Its more of a curiosity about why
network browser in linux is showing the stuffs which are not even
needed by the user. I will accept that if my folder$ will show but
what about C$, D$, E$ so on an so forth which was not even shared from
windows machine?
What I mean is if a guest connects to my network (with a linux pc as
client), he can see how many drives I have, what share names are used
and what are hidden shares at a glance. So why should I need to give
such information for a visitor who will just use the network for a
time being only?
I know this is late to the discussion, but...
smbclient does not and can not know what is "needed by the user". The
-L option lists all of the shares that the server reports, and nothing
more than that.
You could modify smbclient to not report shares that end in '$', like
the windows browser normally does, but what do you do when your guests
connect to your network with a tool other than smbclient?
Security isn't something you can build into the client. You can't rely
on a client to "obey the rules" in any protocol. If you want
restrictions to be enforced on your data, then *you* must do the
enforcing on *your* machines. That's the only place where you have any
control at all.
That's why it's so important to understand what tools are available to
attackers, and to use those tools on your own hosts. If you've never
done that, then you don't know how much you're really leaving out there.
smbclient was never causing a problem, it was just telling you that
there *was* a problem that you hadn't noticed before.
