Security Basics mailing list archives
RE: Update: SMB enumeration in Win2000/03
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Sat, 14 Feb 2004 09:13:40 -0600
Stephen,

Apparently, Hacking Exposed: Windows Server 2003 is out. It deals with your problem (and, soon to be mine) in Chapter 4: Enumeration [1]. Unfortunately, though, Table 4-5, which apparently lists the settings we'll want to use, is not available from the link below, and I have not purchased a copy of the book - yet. The information specific to your issue can be found by searching the string 'Configuring "Network Access" in Security Policy'.

Alternatively, if you haven't already, you could read through the Windows Server 2003 Security guide [2]. Chapter 4 deals with hardening domain controllers. I'd look through it, but it's snowing in North Texas for once, and my son has a snowball fight coming ...

Best of luck.

Joey Peloquin

[1] http://216.239.37.104/search?q=cache:DwR16jOiPdYJ:www.osborne.com/products/0072230614/0072230614_ch04.pdf+%22windows+server+2003%22+smb+enumeration+enum&hl=en&lr=lang_en&ie=UTF-8
[2] http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/win2003/w2003hg/sgch00.asp

-----Original Message-----
From: Stephen C. Gay [mailto:sgay () ellijay com]
Sent: Wednesday, February 11, 2004 9:05 PM
To: security-basics () securityfocus com
Subject: Update: SMB enumeration in Win2000/03

Quick update on my user enumeration dilemma,

On a pure Windows 2000 domain I was able to set the Restrict Anonymous Reg key to the dreaded "2" and stop the user list enumeration. Enum, net use, and hunt all three fail on anonymous bind. This is not the case in the Win Server 2003 environment. I can still get the users. I am beginning to think this may be based on a trust relationship between the Win Svr 2003 domain and a Kerberos realm.

Stephen
[...]
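
As an added example (not part of the original thread or of either referenced guide), the following PowerShell audit reads the registry values that control anonymous access, including the Restrict Anonymous key discussed above, and flags any that differ from a hardened setting. The expected values are assumptions based on commonly recommended hardening, not the contents of Table 4-5, which the thread does not reproduce; the helper name Get-RegValue is hypothetical.

```powershell
# Added example: audit anonymous-access registry settings on the local server.
# Expected values below are assumptions (commonly recommended hardened values).
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$srv = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

# Hypothetical helper: return the value data, or $null when the value is absent.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

$dwordChecks = @(
    @{ Path = $lsa; Name = 'RestrictAnonymous';         Allowed = @(1, 2) },
    @{ Path = $lsa; Name = 'RestrictAnonymousSAM';      Allowed = @(1) },
    @{ Path = $lsa; Name = 'EveryoneIncludesAnonymous'; Allowed = @(0) },
    @{ Path = $srv; Name = 'RestrictNullSessAccess';    Allowed = @(1) }
)

$results = foreach ($c in $dwordChecks) {
    $value = Get-RegValue -Path $c.Path -Name $c.Name
    if ($null -eq $value) {
        $status = 'NOT SET'          # OS default applies; confirm it for this version
    } elseif ($c.Allowed -contains $value) {
        $status = 'OK'
    } else {
        $status = 'REVIEW'
    }
    [pscustomobject]@{
        Setting  = $c.Name
        Value    = $value
        Expected = ($c.Allowed -join ' or ')
        Status   = $status
    }
}
$results | Format-Table -AutoSize

# Pipes and shares listed here remain reachable over a null session even when
# the DWORD settings above are hardened, so every entry needs a justification.
foreach ($name in 'NullSessionPipes', 'NullSessionShares') {
    $entries = @(Get-RegValue -Path $srv -Name $name | Where-Object { $_ })
    if ($entries.Count -eq 0) {
        Write-Output "${name}: (empty)"
    } else {
        Write-Output "${name}: $($entries -join ', ')"
    }
}
```

The script only reads the registry, so it can be run on each domain controller to compare settings between the Windows 2000 and Windows Server 2003 environments.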