[ LUGOS ] Null session - za Samba znalce

Marko Cuk cuk na cuk.nu
Čet Jul 29 13:39:26 CEST 1999


Restricting Anonymous network access to lookup account names and groups
and network shares

Windows NT has a feature where anonymous logon users can list domain
user names and enumerate share names. Customers who want enhanced
security have requested the ability to optionally restrict this
functionality. Windows NT 4.0 Service Pack 3 and a hotfix for Windows NT

3.51 provide a mechanism for administrators to restrict the ability for
anonymous logon users (also known as NULL session connections) to list
account names and enumerate share names. Listing account names from
Domain Controllers is required by the Windows NT ACL editor, for
example, to obtain the list of users and groups to select who a user
wants to grant access rights. Listing account names is also used by
Windows NT Explorer to select from list of users and groups to grant
access to a share.
The registry key value to set for enabling this feature is:

Hive:   HKEY_LOCAL_MACHINE\SYSTEM
Key:    System\CurrentControlSet\Control\LSA
Name:   RestrictAnonymous
Type:   REG_DWORD
Value:  1.
This enhancement is part of Windows NT version 4.0 Service Pack 3. A hot

fix for it is also provided for Windows NT version 3.51. Please refer to

Knowledge Base article Q143474 for more details on this.

Takole...tole je za NTje.

Potem gres, dobis Retino za NTje in poskeniras se kaksen Linux in
ugotovis, da ti izbrska vse userje, pod exploiti pa vidis null
session...

Torej >   kaj narediti v sambi, da to cudo "izklopis" ??

Morda kdo kaj ve o tem ? Prosim za pametne odgovore, ne parlamentiranje
na to temo...

Jure Koren ??

Cuk





Dodatne informacije o seznamu Starilist