Educause Security Discussion mailing list archives
ISS Vul Scan
From: "Gibson, Nathan J. (HSC)" <Nathan-Gibson () OUHSC EDU>
Date: Wed, 28 Mar 2007 12:26:28 -0500
Does Anyone know why ISS would be flagging this: It is a Server 2k3 Machine. No NT Machines on the network. No apps needing NetBIOS. We have disabled NetBIOS on the NIC and it still shows up. M Root Share: SMB NetBIOS entire drive available (CVE-1999-0520) Vuln count = 3 NetBIOS allows full access to the entire hard drive. By sharing the entire drive, any new additions to this drive are automatically made available. Remedy: Restrict the share to specific directories or require stronger authentication for access. References: V/R, Nathan J. Gibson, CISSP Information Technology, Information Security Services University of Oklahoma Health Sciences Center Rogers Building, Room 128 Office: (405) 271-2476 Fax: (405) 271-2181 EXT:50270 Cell: (405) 397 5134 http://it.ouhsc.edu/services/infosecurity <http://it.ouhsc.edu/services/infosecurity> Confidentiality Notice This e-mail, including any attachments, contains information from the University of Oklahoma Health Sciences Center, which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this e-mail in error, please notify the sender immediately by a "reply to sender only" message and destroy all electronic and hard copies of the communication, including attachments.
Current thread:
- ISS Vul Scan Gibson, Nathan J. (HSC) (Mar 28)