ISS Vul Scan

["Gibson, Nathan J. (HSC)" <Nathan-Gibson () OUHSC EDU>]

Does Anyone know why ISS would be flagging this:

 

It is a Server 2k3 Machine. No NT Machines on the network. No apps
needing NetBIOS. We have disabled NetBIOS on the NIC and it still shows
up.

 

M Root Share: SMB NetBIOS entire drive available (CVE-1999-0520)

Vuln count = 3

NetBIOS allows full access to the entire hard drive. By sharing the
entire drive, any new additions to this drive are automatically made

available.

Remedy:

Restrict the share to specific directories or require stronger
authentication for access.

References:

 

 

V/R,

Nathan J. Gibson, CISSP

Information Technology, Information Security Services

University of Oklahoma Health Sciences Center

Rogers Building, Room 128

Office: (405) 271-2476

Fax: (405) 271-2181

EXT:50270

Cell: (405) 397 5134

http://it.ouhsc.edu/services/infosecurity
<http://it.ouhsc.edu/services/infosecurity> 

 

 

Confidentiality Notice

This e-mail, including any attachments, contains information from the
University of Oklahoma Health Sciences Center, which may be confidential
or privileged. The information is intended to be for the use of the
individual or entity named above. If you are not the intended recipient,
be aware that any disclosure, copying, distribution or use of the
contents of this information is prohibited.

 

If you have received this e-mail in error, please notify the sender
immediately by a "reply to sender only" message and destroy all
electronic and hard copies of the communication, including attachments.