Shares enumerated through a null session
Matthias Schuendehuette
msch at snafu.de
Sun Jul 1 15:01:45 GMT 2001
Hello everybody,
Last week I tried to avoid a (medium severity) security complaint I got
from the ISS scanner of our security department: "Shares enumerated
through a Null Session". I'm running Samba 2.0.9 on FreeBSD 4.3-STABLE.
It acts as a printserver with one filesystem share for the appropriate
printer drivers.
There's a simple check for this issue: From an NT-Station do

    net use \\<IP-Address> /user: ""
    net view \\<IP-Address>

The Samba server is configured with

    security = DOMAIN
    restrict anonymous = yes
    *no* guest account

and a user.map file which maps all assigned domain users to dedicated
unix users, so I can't understand why this anonymous 'net view' is
working.
I can't access any share, be it printer or filesystem, without being known
to the system, but this damned 'net view' works nonetheless :-(
Does anybody know how to fix that?
Thanks in advance - Matthias
----------------------------------
Matthias Schuendehuette <msch at snafu.de>
Solmsstrasse 44 Date: 01-Jul-01
D-10961 Berlin Time: 16:30:11
This message was sent by XFMail + FreeBSD 4.3-STABLE
----------------------------------
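
Added example, not part of the original message and not Samba project code: a small smb.conf reader that reports the global settings named in the post and which share sections would appear in a share listing, based on Samba's `browseable` parameter. The sample configuration, the share names and the paths are constructed placeholders.

```python
# Constructed sample modelled on the setup in the post; names and paths are placeholders.
SAMPLE_CONF = """\
[global]
   security = DOMAIN
   Restrict Anonymous = yes
   username map = /path/to/user.map
[drivers]
   path = /path/to/drivers
[printers]
   printable = yes
   BROWSEABLE = No
"""

GLOBAL_KEYS = ("security", "restrictanonymous", "guestaccount", "usernamemap")

def norm(name):
    # Samba ignores case and whitespace in parameter names.
    return "".join(name.split()).lower()

def parse_smb_conf(text):
    sections, current, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):          # trailing backslash continues the line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":  # comment lines start with # or ;
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[norm(key)] = value.strip()
    return sections

def anonymous_settings(sections):
    # None means the parameter is not set in [global].
    g = sections.get("global", {})
    return {k: g.get(k) for k in GLOBAL_KEYS}

def listed_shares(sections):
    # Sections whose effective "browseable" is true show up in a share listing.
    # Not modelled: [homes]/[printers] expansion and the built-in IPC$ entry.
    g = sections.get("global", {})
    default = g.get("browseable", g.get("browsable", "yes"))
    return sorted(
        name for name, p in sections.items()
        if name != "global"
        and p.get("browseable", p.get("browsable", default)).lower() in ("yes", "true", "1"))
```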