[Samba] Samba4 user enumeration
Denis CARDON
dcardon at tranquil.it
Thu Nov 25 09:05:49 UTC 2021
Hi Sebastian,
Le 25/11/2021 à 09:15, Sebastian Mazur via samba a écrit :
> Hi
>
> It has recently been brought to my attention that you can list all samba
> users anonymously via enum4linux from Kali distribution.
>
> I tried to disable this by GPO by enabling Network access: Do not allow
> anonymous enumeration of SAM accounts and shares security policy setting.
>
> With no effect.
>
> I use Samba in version 4.13.13 in Debian distribution.
>
> Is there anyway to disable it?
please take a look at
https://samba.tranquil.it/doc/en/samba_advanced_methods/samba_active_directory_higher_security_tips.html#turning-off-null-session-connections
just add restrict anonymous = 2 to your smb.conf file.
Cheers,
Denis
>
> Thanks for help.
>
More information about the samba
mailing list