Security Basics mailing list archives
Re: Problem Disabling "Null Session" on W2K3
From: warl0ck () metaeye org
Date: 15 Nov 2006 12:50:49 -0000
Do this
1. Go to Administrative Tools --> Local Security
Policy --> Local Policies --> Security Options.
Make sure the following two policies are enabled:
a. Network Access: Do not allow anonymous enumeration of SAM accounts: Enabled (Default)
b.Network Access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled
Or this can also be accomplished using the following registry keys:
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=1 (This disallows enumeration of shares)
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=1 (Default, not allowing enumeration of user
accounts)
and then Reboot to make the changes take effect.
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Current thread:
- Problem Disabling "Null Session" on W2K3 eneko . astorkiza (Nov 14)
- RE: Problem Disabling "Null Session" on W2K3 Cort Boecking (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Alexey Vesnin (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 Ansgar -59cobalt- Wiechers (Nov 15)
- RE: Problem Disabling "Null Session" on W2K3 Roger A. Grimes (Nov 15)
- <Possible follow-ups>
- RE: Problem Disabling "Null Session" on W2K3 Scott Ramsdell (Nov 15)
- Re: Problem Disabling "Null Session" on W2K3 warl0ck (Nov 15)