[Samba] Possible security hole in 2.2.0a?
abartlet at samba.org
Tue Dec 31 21:30:01 GMT 2002
On Wed, 2003-01-01 at 07:56, Jim Carter wrote:
> On Sat, 28 Dec 2002, andy thomas wrote:
> > Unauthorised connection attempts to a server running samba 2.2.0a are a
> > daily occurrence but incorrect usernames/share names prevent accesses to
> > shares and this is not normally anything to worry about. But looking
> > through the smbd logs on this server I found one instance where someone
> > apparently knew the 6 usernames listed in the smbpasswd file and tried to
> > use those in turn to gain access. (This was unsuccessful as passwords
> > are used to protect access to shares).
> At work we had a similar attack on the Win2K PDC. Apparently on Windows
> it's a standard feature to enumerate the known users. Then the attacker
> tries a short list of weak passwords on each one. We had it set up so
> repeated authentication failures would lock the account. The helpdesk
> person really had her hands full that day!
> Probably all that's necessary is to browse the [homes] directory.
Yes, Samba provides that information. Samba 3.0 has changed the meaning
of the 'restrict anonymous' setting in smb.conf, and this now allows you
to disable this enumeration, in line with what Win2k does for the
registry key of the same name. If the machine is *just* a fileserver,
does not become local/master browser etc and is not a PDC, then
'restrict anonymous = 2' could be quite beneficial. (no IPC$ access to
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20021231/27b24291/attachment.bin
More information about the samba