Security hole?

Luke Kenneth Casson Leighton lkcl at
Tue May 5 10:25:46 GMT 1998

On Mon, 4 May 1998, Celso Kopp Webber wrote:

>     Hi all!
>     I'm currently running the last sources from the samba CVS tree, and
> it works
> very well.
>     I've heard recently that NT had a weakness because it accepted the
> so called
> 'null sessions', so that one machine could administer another NT
> remotely, without
> providing a username and password. I found a small program on Internet,
> named
> QTIP, that can query any NT machine and get many useful information from
> it,
> such as  a list of users, list of shares, information about a user (for
> instance, user
> cannot change password). I've tested this program against one NT4 server
> under
> my administration, accross the Internet, and it worked! The bad part is
> that
> it worked against SAMBA NTDOM too!
>     Am I mistaked? Does this really constitute a security hole that
> samba is
> vulenrable?

you are absolutely correct :-)

> I've heard also that NT4 with SP3 can, if the administrator
> knows,
> be setup on the registry to not accept 'null sessions'. Wouldn't it be
> interesting to
> samba do the same?


>     Thanks in advance, and sorry if I'm saying any nonsense.

you are not speaking nonsense.

dana, can you add this one to the TODO list, at the top :-)

More information about the samba-ntdom mailing list