[Samba] Results of nessus scan
Andrew Bartlett
abartlet at samba.org
Thu Dec 25 07:25:37 GMT 2003
On Wed, 2003-12-17 at 13:40, Jonas Carlsson wrote:
> James R. Trater wrote:
> > Try setting:
> > guestaccount = NULL
> > and
> > restrict anonymous = yes
> > in your smb.conf
> > I had the same problem, and this solved it for me.
>
> Just for the record; it really did the trick.
> Nessus reports nothing now!
Also for the record, we strongly recommend against this. Instead, run
Samba 3.0 and set 'guest account = nobody', if nobody is a valid user,
and set 'restrict anonymous = 2' if you are not running a PDC, and not
performing any browsing services.
'restrict anonymous' had no security benefit in Samba 2.2, but may have
fooled the scanner.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
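
An added example, not part of the original message and not Samba's own code: a small Python check of an smb.conf [global] section against the advice in the reply above. Treating `domain logons = yes` as a sign of a PDC, treating an unset guest account as `nobody`, and the sample configuration are assumptions made for illustration.

```python
# Constructed sample: the settings suggested in the quoted reply.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   guestaccount = NULL
   restrict anonymous = yes
   domain logons = no
"""

def parse_global(text):
    """Return [global] parameters; Samba ignores case and spaces in names."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)
            params["".join(name.lower().split())] = value.strip()
    return params

def user_exists(name):
    """True if the local account database knows this user (Unix only)."""
    import pwd
    try:
        pwd.getpwnam(name)
        return True
    except KeyError:
        return False

def audit(text, user_exists=user_exists):
    """List deviations from the reply's advice for a Samba 3.0 server."""
    p, findings = parse_global(text), []
    # Assumption: an unset guest account falls back to 'nobody'.
    guest = p.get("guestaccount", "nobody")
    if not user_exists(guest):
        findings.append(f"guest account '{guest}' is not a valid user")
    ra = p.get("restrictanonymous", "0").lower()
    # Assumption: 'domain logons = yes' is a rough sign of a PDC.
    is_pdc = p.get("domainlogons", "no").lower() in ("yes", "true", "1")
    if ra != "2" and not is_pdc:
        findings.append(f"restrict anonymous = {ra}; 2 is advised "
                        "when not a PDC and not providing browsing")
    elif ra == "2" and is_pdc:
        findings.append("restrict anonymous = 2 is set on a likely PDC")
    return findings
```

Whether the host provides browsing services is not visible from these parameters alone, so a clean result still needs that checked by hand.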