• Calendar
• A-Z Index

• Yale home
• About Yale
• Academic programs
• Admissions
• Health & medicine
• Working at Yale
• Yale & New Haven
• Yale & the World
• Yale Tomorrow
• News

• Prospective students
• Students
• Parents
• Faculty
• Staff
• Alumni
• Foundations & corporations
• Patients
• Visitors

Find it

• About ITS
• Policies
• Feedback
• Search ITS
• ITS A-Z Index
• System Status

File sharing and security

It's well known that sharing files, whether using AppleShare, NetBIOS or NFS (Network File System), opens up machines to a host of vulnerabilities. If you are using File Sharing, this means you are allowing access to drives/directories/files on your local hard drive. Check that all shares on local system drives are configured to grant access to only specific users or groups, and are not open to everyone. Removing any open shares will prevent unwanted access to your machine (e.g., virus, worms) and prevent your machine being used to maliciously access additional machines on the network. Don't share files unnecessarily.

Windows

• Windows NT
• Windows 2000
• Windows XP
• Win95, Win98 & WinME should NOT be used to share files. These operating systems are insecure and extremely susceptible to compromise.  If you want to use File Sharing upgrade to an ITS preferred/supported operating system.

Macintosh

• MacOS X
• MacOS 9
• Microsoft's UAM for MacOS
  Windows NT Advanced Server provides an installable component to validate users that are connecting to the Windows NT Advanced Server from a Macintosh. The Microsoft User Authentication Module (UAM) provides a more secure logon session by sending an encrypted password, rather than a straight text password, across the network. The Authentication Module also allows users to specify a domain if they are members of more than one domain. In order to log on to a domain other than the one the Windows NT Advanced Server is currently a member of, the user would type <Domainname>\<Username> in the Name text box. Also, the domain that the user is logging on to must be a trusted domain of the Advanced Server computer.

For further assistance contact the ITS Help Desk: (203) 785-3200 or email helpdesk@yale.edu

AppleShare protocol

This is a communications protocol from Apple Computer that allows client applications in a computer to exchange files with and request services from server programs in a computer network. AppleShare can be used over the Internet on top of the TCP/IP protocol, or on top of other network protocols such as Internetwork Packet Exchange and AppleTalk. Using the AppleShare protocol, a user can access files, applications, printers, and other resources on a remote server. It can communicate with any server program that is set up to receive an AppleShare client request.

All Macintosh and Mac OS clones include client and server AppleShare protocol support.  Microsoft Windows NT Server and Novell NetWare both provide AppleShare server protocol support, although they currently only support AppleShare over AppleTalk. Third-party AppleShare client/server support is available for Microsoft Windows for Workgroups,   Windows 95, and Windows NT, as well as for UNIX systems.
A given client and server may implement different sets of Appleshare protocol variations. The set of protocols to be used is negotiated before starting a session.

NetBIOS

Short for Network Basic Input Output System, an application programming interface (API) that augments the DOS BIOS by adding special functions for local-area networks (LANs). Almost all LANs for PCs are based on the NetBIOS. Some LAN manufacturers have even extended it, adding additional network capabilities.

NetBIOS relies on a message format called Server Message Block (SMB).

NFS (Network File System)

NFS is a client/server application designed by Sun Microsystems that allows all network users to access shared files stored on computers of different types. NFS provides access to shared files through an interface called the Virtual File System (VFS) that runs on top of TCP/IP. Users can manipulate shared files as if they were stored locally on the user's own hard disk.  With NFS, computers connected to a network operate as clients while accessing remote files, and as servers while providing remote users access to local shared files. The NFS standards are publicly available and widely used.