Security Basics mailing list archives
RE: Problem Disabling "Null Session" on W2K3
From: "Scott Ramsdell" <Scott.Ramsdell () cellnet com>
Date: Tue, 14 Nov 2006 15:44:48 -0500
Eneko, You may want to check if you have the Everyone group in the built-in domain group Pre-Windows 2000 Compatibility Access. This may have been done in the past if you had a trust to an NT domain. Here is a matrix on how different settings affect/overwrite RestrictAnonymous=1|2: http://technet2.microsoft.com/WindowsServer/en/library/6361e9c2-73ad-49c 3-a012-6d09cebd31611033.mspx?mfr=true Kind Regards, Scott Ramsdell -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of eneko.astorkiza () ieuskadi com Sent: Tuesday, November 14, 2006 10:18 AM To: security-basics () securityfocus com Subject: Problem Disabling "Null Session" on W2K3 Hi all, Firstly excuse my english, i'm spanish. I'm trying to secure some AD servers and i have a problem. I scan then (w2k3 AD Servers) with Retina and it says that i have "Null Session" enabled, so it shows all the domain users. (I'm doing with a machine out of the domain) The problem is that if i look at the RestrictAnonymous and RestrictAnonymousSAM registry values, they are ok :-? Someone knows why i can enumerate the domain users ??? I have also use SuperScan and the same happens. Un saludo Eneko ------------------------------------------------------------------------ --- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Problem Disabling "Null Session" on W2K3 eneko . astorkiza (Nov 14)
- RE: Problem Disabling "Null Session" on W2K3 Cort Boecking (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Alexey Vesnin (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Ansgar -59cobalt- Wiechers (Nov 15)
- RE: Problem Disabling "Null Session" on W2K3 Roger A. Grimes (Nov 15)
- <Possible follow-ups>
- RE: Problem Disabling "Null Session" on W2K3 Scott Ramsdell (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 warl0ck (Nov 15)