abartlet at samba.org
Tue Jul 29 22:09:14 GMT 2003
On Wed, 2003-07-30 at 00:32, Javid Abdul-AJAVID1 wrote:
> Is there any way , any parameter (2.2.8a) I can use to block null username ( anonymous ) passwords to remedy the ISS scans.
Not that I know of - you could start playing real silly buggers with the
IPC$ share name, (set guest ok = no on that share) but there is nothing
Samba 3.0 adds the ability to easily restrict such access, as detailed
in Samba 2.2.
If your security policy is based on 'what the scanner told me' then it's
a pretty sad 'security' policy... (If the box is not a DC, it has not
got that much information to give away, even if it wanted to)
Why not add a hosts deny for the host scanning you? ;-)
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030729/dc5934c7/attachment.bin
More information about the samba-technical