[Samba] samba security question - samba vulnerable to
anyWindowsExploits?
Ryan Frantz
RyanFrantz at informed-llc.com
Wed Jun 23 15:21:18 GMT 2004
Paul,
Are you using Samba to authenticate then? You've created user accounts
on your Linux system that map to Windows accounts and built the Samba
password database using 'smbpasswd'?
ry
-----Original Message-----
From: samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org
[mailto:samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org] On
Behalf Of Paul Bradshaw
Sent: Wednesday, June 23, 2004 11:14 AM
To: samba at lists.samba.org
Subject: Re: [Samba] samba security question - samba vulnerable to
anyWindowsExploits?
Hi Ryan,
I am not authenticating to any Windows server, I just have the samba
server itself set up with 3 users who an login.
...Paul
Ryan Frantz wrote:
>Paul,
>
>Are you using a Windows PDC or ADS to authenticate your Samba shares?
>If so, the problem would not be with Samba, but with the authenticating
>server.
>
>Ryan
>
>-----Original Message-----
>From: samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org
>[mailto:samba-bounces+ryanfrantz=informed-llc.com at lists.samba.org] On
>Behalf Of Paul Bradshaw
>Sent: Wednesday, June 23, 2004 11:02 AM
>To: samba at lists.samba.org
>Subject: [Samba] samba security question - samba vulnerable to any
>WindowsExploits?
>
>
>Hi there,
>
>I'm unclear on this warning I got from NeWT when I scanned my Linux
>workstation. Could someone clarify for me if I should be worried?
>
>Thanks,
>
>...Paul
>------------------------
>microsoft-ds (445/tcp)
>
>
>
>It was possible to log into the remote host using the following
>login/password combinations :
>'administrator'/''
>'administrator'/'administrator'
>'guest'/''
>'guest'/'guest'
>
>It was possible to log into the remote host using a NULL session.
>The concept of a NULL session is to provide a null username and
>a null password, which grants the user the 'guest' access
>
>To prevent null sessions, see MS KB Article Q143474 (NT 4.0) and
>Q246261 (Windows 2000).
>Note that this won't completely disable null sessions, but will
>prevent them from connecting to IPC$
>Please see
http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html
>
>The remote host defaults to guest when a user logs in using an invalid
>login. For instance, we could log in using the account 'nessus/nessus'
>
>
>All the smb tests will be done as ''/'whatever' in domain ALUMNI_HOUSE
>CVE : CAN-1999-0504, CAN-1999-0506, CVE-2000-0222, CAN-1999-0505,
>CAN-2002-1117
>BID : 494, 990
>Plugin ID : 10394 <http://cgi.nessus.org/plugins/newt.php?id=10394>
>
>
>The following shares can be accessed using a NULL session :
>
>- IPC$ - (readable?, writeable?)
>
>
>*Solution : To restrict their access under WindowsNT, open the
explorer,
>
>do a right click on each,
>go to the 'sharing' tab, and click on 'permissions'
>Risk factor : High
>CVE : CAN-1999-0519, CAN-1999-0520
>BID : 8026
>*
>
>Plugin ID : 10396 <http://cgi.nessus.org/plugins/newt.php?id=10396>
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list