Hide Windows NT from Network Neighborhood Browsing

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

Don't want a windows nt server or your windows nt workstation to show up in Network Neighborhood? The server parm refers to the server service which both windows nt server and windows nt workstation have to support resource sharing. From a security perspective, disabling the server service in windows nt workstation will make the workstation invisible to standard hacker tools and tricks. Some administrators use this technique to hide a server until they are ready to make it available for their users.

The windows nt registry hack :

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Name: Hidden
Type: REG_DWORD
Value: 1

The command line method is

net config server /hidden:yes

This seems easier. Don't do it (except perhaps on workstations). There is a real gotcha! down the road. Unfortunately, and don't ask me why Microsoft would do this, this disables NT's ability to automatically tune the Server service at boot. See Q128167: Server Service Configuration and Tuning.

FYI but also not recommended: The net config server command has two other parameters. Issue the command

net config server help

will return:

The syntax of this command is:

NET CONFIG SERVER [/AUTODISCONNECT:time] 
                  [/SRVCOMMENT:"text"]
                  [/HIDDEN:{YES | NO}]

In Network Neighborhood, there is a comment column beside the machine name. SRVCOMMENT lets you enter a comment for display in Network Neighborhood. Be careful here. This is potentially a gold mine for hackers if you give too much information away. And don't forget about the tuning issue.

Featured Links