Windows Networking API/Redirector Security
A version of this page is also available for
4/8/2010
The redirector is a system-supplied (network) file system driver that provides access to files on remote computers. Applications can use Windows networking functions to establish and terminate network connections and to retrieve current configuration data for the Microsoft Network. Windows Embedded CE provides applications that allow the user to directly connect to, and retrieve data from, remote file shares.
For more information about the Redirector, see Windows Networking API/Redirector.
Because the Server Message Block (SMB) is susceptible to attacks by unauthorized users, and data is transmitted in readable form, Redirector poses some security risks. However, you can use some techniques to lower the risk to both your client and your server.
Best Practices
Use credentials
You can protect redirector shares with credentials, such as restrictions that allow only certain users to connect.
When using credentials, keep in mind that credential caching in the Windows Embedded CE redirector works the following way. When the Windows Embedded CE redirector first connects to a server, it authenticates using the credentials supplied by the user or an application (if the WNetAddConnection3 function is being called). The session established is kept connected for a period of time, during which other applications may access files over this connection, with the same level of access as the original logon. Once all files open on the server have been closed, the redirector will shut down the session to the server, requiring subsequent accesses to reauthenticate. The period of time between when the last file is closed and the OS shuts down the session is controlled by the ResourceExpiryInt registry setting. For more information, see Windows Networking API/Redirector Registry Settings.
An application can use the WNetEnumResource and WNetCancelConnection2 functions to force all files that are open on a particular server to be closed. This may be a good practice if an application needs to support multiple users, so that the current user cannot leverage connections established by the previous users.
Use SMB signing
To help protect the privacy between the client and server, you can enable SMB signing if the server supports it. This helps prevent a third party from altering requests and responses in the network during transport.
Note
While Redirector supports SMB Signing, it does not apply to Passthrough Authentication.
Applications should not allow users to directly run an executable on a network share
Directly opening an exectuable on a network share can expose the device to potential threats. The code can be changed on the server, which may allow malicious code to run on the device.
Default Registry Settings
You should be aware of the registry settings that impact security. In the registry settings documentation you will find a Security Note for those values with security implications.
For Redirector registry information, see Windows Networking API/Redirector Registry Settings.
See Also
Reference
Windows Networking API/Redirector Functions
Windows Networking API/Redirector Structures
Concepts
Accessing Remote File Systems
Managing Network Connections with WNet
Windows Networking API/Redirector Registry Settings