nt-netbios-nullsession
Javid Abdul-AJAVID1
abduljavid at motorola.com
Tue Jul 29 14:32:27 GMT 2003
Is there any way, any parameter (2.2.8a) I can use to block null username (anonymous) passwords to remedy the ISS scans?
Thanks
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Monday, July 28, 2003 6:42 PM
To: Javid Abdul-AJAVID1
Cc: Multiple recipients of list SAMBA-TECHNICAL
Subject: Re: nt-netbios-nullsession
On Tue, 2003-07-29 at 06:29, Javid Abdul-AJAVID1 wrote:
> Sorry to bother technical group, but I have been looking for this for
> long.
>
> Anybody knows the vulnerability for "nt-netbios-nullsession". Samba
> runs in domain mode/heterogeneous environment here. Ver 2.2.8a on
> solaris (in windows domain)
>
> Security is major concern in our corp here.
>
> Is there a fix out there for null sessions?
Null sessions are only an issue in that they allow information leakage.
You can find out user-names that are valid on the system. In most organisations, this is available anyway, so you don't actually gain much - but that doesn't stop those with the power to impose such directives....
> Will this escape the ISS (security scans) for
> "nt-netbios-nullsession" restrict anonymous = yes.
Only in Samba 3.0 - and it causes samba to be unable to perform a number of roles on the network - in particular, you cannot be a DC, or participate in browsing. In Samba 3.0 that option is an integer: 'restrict anonymous = 2' does not permit the null user to connect to IPC$.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
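
An added example, not part of the original thread and not Samba project code: a small smb.conf check that reports whether `restrict anonymous = 2` is in effect and whether the same file still asks for the DC or browsing roles the reply says it breaks. The sample configuration is constructed, and the mapping of those roles to the `domain logons`, `domain master`, `local master` and `preferred master` parameters is an assumption of this example.

```python
import re

# Constructed sample smb.conf, not taken from the thread.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   security = domain
   Restrict  Anonymous = 2
   domain logons = yes
   local master = yes
; share definitions follow
[public]
   path = /srv/public
"""

# Assumption: these [global] booleans stand in for the "DC" and "browsing"
# roles the reply says stop working once null sessions are refused.
ROLE_PARAMS = ("domain logons", "domain master", "local master", "preferred master")
TRUE_VALUES = {"yes", "true", "1"}

def parse_global(text):
    """Return [global] parameters with names lowercased and spaces collapsed."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or smb.conf comment
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip()
    return params

def audit_null_session(text, samba_major=3):
    """Report whether null IPC$ connects are refused and which roles conflict."""
    params = parse_global(text)
    raw = params.get("restrict anonymous", "0")  # unset is treated as 0
    # Per the reply: only Samba 3.0 honours the option, and only as an integer.
    level = int(raw) if samba_major >= 3 and raw.isdigit() else 0
    blocked = level == 2
    conflicts = [k for k in ROLE_PARAMS
                 if blocked and params.get(k, "").lower() in TRUE_VALUES]
    return {"level": level, "null_ipc_blocked": blocked, "conflicts": conflicts}

if __name__ == "__main__":
    print(audit_null_session(SAMPLE_CONF))
    print(audit_null_session(SAMPLE_CONF, samba_major=2))
```
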