I was wondering last week about how to disable the hidden shares (shares terminating with a $, which are enabled by default). I didn't think much of it at the moment since I had a workload to do, but today I came across the solution reading a guide from PC stats. (This is good for begginners mainly, but has some extra info like this one) Beginners Guides: Ten Steps to a Secure PC For the entire article
Step 7. Disable 'hidden' shares within XP and 2000
The Danger : malicious users can easily gain access to every file and folder in your computer.
The Cause: Windows 2000 and XP both use a system of hidden administrative shares. Every drive on your computer system is shared under the name '(drive letter)$.' These shares exist to allow users with the correct username and password to remotely administer files on your computer. Of course, if a malicious user obtains a username and password with administrative rights to your system, all your files and folders are available to them over the Internet. They would be free to copy, change or delete as much of your data as they saw fit.
The cure: Disable the hidden shares.
Unless you are in a business environment, it is unlikely you will have a need for the hidden shares. Disabling them will considerably reduce the danger of your data being compromised remotely.
You will need to edit the Windows registry using REGEDIT in order to carry out this step. Please ensure that you backup your registry to a file before editing it.
To disable the hidden shares first start REGEDIT ('start\run' and type 'regedit') and then navigate to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\lanmanserver\parameters
Add the Dword value 'AutoShareWks' with a value of '0' and restart your computer.
I would just love to be able to rename thhis shares with a group policy from the Domain Controller Anyone know if this is possible?