Security Basics mailing list archives
Re: Problem Disabling "Null Session" on W2K3
From: Alexey Vesnin <ss666 () bsd mirknigi ru>
Date: Wed, 15 Nov 2006 11:39:42 +0300
eneko.astorkiza () ieuskadi com wrote:
Try Outpost Firewall Pro - or something similar. It's a well-tuned windows firewall, and you can disable the session establishment everywhere except the IP's needed.Hi all, Firstly excuse my english, i'm spanish. I'm trying to secure some AD servers and i have a problem. I scan then (w2k3 AD Servers) with Retina and it says that i have "Null Session" enabled, so it shows all the domain users. (I'm doing with a machine out of the domain) The problem is that if i look at the RestrictAnonymous and RestrictAnonymousSAM registry values, they are ok :-? Someone knows why i can enumerate the domain users ??? I have also use SuperScan and the same happens. Un saludo Eneko --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Alexey Vesnin --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Problem Disabling "Null Session" on W2K3 eneko . astorkiza (Nov 14)
- RE: Problem Disabling "Null Session" on W2K3 Cort Boecking (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Alexey Vesnin (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Ansgar -59cobalt- Wiechers (Nov 15)
- RE: Problem Disabling "Null Session" on W2K3 Roger A. Grimes (Nov 15)
- <Possible follow-ups>
- RE: Problem Disabling "Null Session" on W2K3 Scott Ramsdell (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 warl0ck (Nov 15)