Data Loss Prevention

Hello everyone!

Just to ask if somebody nows the way to enumerate hidden file shares con the DLP administrator console under the Content Root Enumeration.

I just set up some scans in some servers to look for File Shares and it completes successfully, enumerating all file shares available, except for the hidden share folders (ending with a $ symbol). Is there a way that we can enumarate all file shares, including the ones that are hidden?

The current DLP version we are using is 14.0.2

Thank you very much, and regards!

I am interesting in knowing this information too.  I want to know what hidden shares are out there.

Rene,

Since the content root is built off of AD lists, it cannot be done with the DLP System.

Though you can do the same thing with the OUTPUT from the first content root enumeration, or using a 3rd party tool. You can also just add the $ shares to the end of each server, just to cover your tracks.

https://docs.microsoft.com/en-us/sysinternals/downloads/shareenum

http://www.nirsoft.net/utils/netresview.html

https://www.raymond.cc/blog/scanning-for-connected-computers-in-local-network-and-finding-shared-folders/

Keep in mind that all of these tools, can possibly set off IDS systems .. if they are being used.

Good Luck

Ronak

PLEASEMARKED SOLVED WHEN POSSIBLE

Thank you for the answer, I was hoping that there was something inside DLP to make this work, but finally we will need to do it some other way. Kind of defeat the purpose of the Content Root Enumeration if we are using other methods to scan.

Thanks again, regards!