Hiding your servers
As you can see, if a server is visible in the browse list, it's only a matter of time before someone who's either curious or malicious tries to break into it. Fortunately, there are a couple of ways to hide your servers from the Windows network browse list. First, though, I should point out that our first technique involves editing the registry on your servers. Editing the registry is dangerous, and an incorrect edit can destroy Windows and/or your applications. Therefore, I strongly recommend that you make a full system backup before making any registry changes. With that said, go to a machine that you want to make invisible and open the Registry Editor via the REGEDIT command. When the Registry Editor opens, navigate through the registry tree to this key. Next, right-click on the Parameters container and select New and then DWORD Value from the resulting shortcut menu. The Registry Editor will create the value, label it New Value #1, and highlight the label for editing. To change the label, just type Hidden. (This value is case sensitive.) Now, double-click on the Hidden key to open the Edit DWORD Value dialog box, where you can set the key's data. By default, the key is set to 0, which means that the key is disabled. You can enable the key by setting the data value to 1 and clicking OK. If you ever need to make the server visible, just set the data value back to 0 or delete the Hidden key altogether. You can also make a server visible or invisible by using the Net Config command instead of the Registry Editor. To make a server invisible, go to the server you want to hide, open a Command Prompt window, and enter this command: NET CONFIG SERVER /HIDDEN:YES If you want to make the server visible again, use this command: NET CONFIG SERVER /HIDDEN:NO Whether you choose to modify the registry or use the Net Config command, you must either reboot the machine or stop and restart the Server service for the change to take effect. Even after rebooting or stopping and restarting the service, it could take up to 51 minutes for the server to disappear from or reappear on the browse list. This is due to the browse list's expiration policies. Is it worth it?
Obviously, this is a simple change if you want to hide a server or two, but it can be a lot of work if you have a lot of servers to hide. So in that case, the obvious question is whether the measure is effective enough to be worth the effort. After all, the change will merely prevent users from accessing the server through the browse list. They can still access it through the UNC path (\\servername\share) or by the server's IP address, if they know either of those identifiers. And of course, hiding a server isn't going to keep an experienced hacker from finding it, either. What it will do is stop someone from accidentally accessing it -- or accessing it out of security--through the browse list. It may also prevent newbie hackers from discovering the server, depending on what tools they are using. Hiding a server is just one of thousands of security techniques, and no one technique is going to protect your network. It can be a good precautionary security measure, but it definitely shouldn't be the only security mechanism that you use to protect network servers.