Disable automatic share and print discovery (Windows XP)

Send Us a Sign! (Contact Us!)
Word PDF Epub Text
XML OpenOffice XPS MHT

Windows XP automatically searches the network for shares and printers upon connecting to the network. This is probably useful in a SOHO (small office home office) or home network but not the enterprise. To disable XP automatic discovery:

  • In Explorer, click Tools;
  • Click Folder Options;
  • Click the View tab;
  • Uncheck Automatically Search for Network Folders and Printers in Advanced settings list.
  • It is important to disable this setting in Windows XP because it is the basis of a seriouse security flaw in XP. When you click My Network Places, your logon password may be transmitted automatically to numerous unspecified computers on the LAN.

    Windows XP tries to acquire the shared resources list of all computers on the LAN. At that time, the users local logon password is used when the password for the shared resource is not known. Your PC transmits the LMhash version of you password.

    [tweet]

    If there are NT4.0 or any other pre-Windows 2000 PCs on the LAN, XP will transmit your password to the pre-Windows 2000 PCs during its share and print search. It transmits the LM hash which is significantly weaker than XP or Windows 2000 hashes. In order to protect the LM hash, XP has a registry value:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash

    which if set to 1 will prevent XP or Windows 2000 from generating the LM hash. pwdump will not be able to acquire the LM hash, which is a good thing.

    Saddly, NoLMHash does not affect LM authentication. Even if NoLMHash has been set, XP will still transmit the LM hash to a NT4.0 machine when My Network Places is clicked.

    SOURCE

    LINK

    LANGUAGE
    ENGLISH

    1 thought on “Disable automatic share and print discovery (Windows XP)”

    Comments are closed.