Shares enumerated through a null session

Matthias Schuendehuette msch at snafu.de
Sun Jul 1 15:01:45 GMT 2001


Hello everybody,

last week I tried to avoid a (medium severity) security complaint I got
from the ISS scanner of our security department: "Shares enumerated
through a Null Session". I'm running Samba 2.0.9 on FreeBSD 4.3-STABLE.
It acts as a printserver with one filesystem share for the appropriate
printer drivers.

There's a simple check for this issue: From an NT-Station do

        net use \\<IP-Address> /user: ""
        net view \\<IP-Address>

The Samba server is configured with

        security = DOMAIN
        restrict anonymous = yes
        *no* guest account

and a user.map file which maps all assigned domain users to dedicated
unix users, so I can't understand why this anonymous 'net view' is
working.

I can't access any share, be it printer or filesystem, without being known
to the system, but this damned 'net view' works nonetheless :-(

Does anybody know how to fix that?

Thanks in advance - Matthias

----------------------------------
Matthias Schuendehuette <msch at snafu.de>
Solmsstrasse 44         Date: 01-Jul-01
D-10961 Berlin          Time: 16:30:11

This message was sent by XFMail + FreeBSD 4.3-STABLE
----------------------------------



