| As you know, one of SP2's prominent features is the Windows Firewall, which is automatically turned on after installation. Is there a possibility that this firewall will block file sharing-related traffic? There is, but don't worry too much; the firewall automatically allows this sharing traffic when you enable file and printer sharing. But if sharing doesn't work as planned, you should still check the firewall. To check on the firewall settings specific to sharing, open the Windows Security Center. In the bottom section, you can manage the security settings for Windows Firewall. An alternative: access the folder's Sharing tab and click the "View your Windows Firewall settings" hyperlink at the bottom. Either way, you'll get the Windows Firewall dialog box, where you should then click the Exceptions tab, as shown in Figure 11-11. Figure 11-11. Windows Firewall settings for file and printer sharing. 
Make sure that the File and Printer Sharing option is selected so that the firewall won't block all requests for file and print resources. Hey, I Didn't Share That Out! If you followed along with the Shared Folders utility walk-through, you may have noticed several share names whose names end with a dollar sign ($). What's that all about? Who set those up? Well, the answer is not who, but what. XP sets up those shares, and they are your computer's administrative shares. These are automatically set up to facilitate system administration from remote computers. They are hidden, however, as users browse the network. XP creates the following administrative shares by default: The Driveletter$ share, where driveletter is the root of any logical drive. The ADMIN$ share, which points to the Windows XP installation folder, which is \Windows by default. The IPC$ (Interprocess Communications) share, which allows remote administration of a computer and is used to view shared resources. The PRINT$ share, which is present for remote printer administration.
In fact, any share with a dollar sign ($) after the share name will be hidden when using utilities like My Network Places. You can also create hidden shares for your own purposes by simply appending a dollar sign to the share name. This is a good way to store regularly needed files while keeping those files safe from the curious. If you try to administer the administrative shares, you may be in for a surprise. You cannot change the settings of administrative shares, such as permissions. You might even notice that if you try to stop sharing an administrative share, it will be shared out again if the computer reboots. Does this mean that just anyone who has knowledge of these hidden shares can access your drive and wreak untold havoc? No. Someone connecting to these shares can only do so in the context of an administrator account. Since the share name is hidden when browsing, you can only connect to a shared resource by specifying its name exactly, as in Start | Run… \\servername\c$. |
|
