Re: Null session in Windows XP
From: Laura A. Robinson (larobins@bellatlantic.net)
Date: 03/28/02
- Previous message: Michael Perez: "ntfs perms question"
- In reply to: Tomasz Polus: "RE: Null session in Windows XP"
- Next in thread: Thor@HammerofGod.com: "RE: Null session in Windows XP"
- Next in thread: bmurphy@carterbloodcare.org: "RE: Null session in Windows XP"
From: "Laura A. Robinson" <larobins@bellatlantic.net>
To: "Tomasz Polus" <tpolus@faq.net.pl>, <FOCUS-MS@SECURITYFOCUS.COM>
Date: Thu, 28 Mar 2002 12:18:47 -0500
Ope, I forgot one thing- in XP, the membership of the "Everyone" group has
changed. See this URL:
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/winxppro/proddocs/windows_security_differences.asp
The following may also be useful; as you can see, there have been changes
throughout the product developments, from NT to Win2K to XP/.Net.
http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/windows_security_differences.htm
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/winxppro/reskit/prdp_log_oeec.asp
Laura
----- Original Message -----
From: "Tomasz Polus" <tpolus@faq.net.pl>
To: <FOCUS-MS@SECURITYFOCUS.COM>
Sent: Thursday, March 28, 2002 4:01 AM
Subject: RE: Null session in Windows XP
> -----Original Message-----
> From: Eric [mailto:ews@tellurian.net]
> Sent: Wednesday, March 27, 2002 8:16 PM
> To: Tomasz Polus; FOCUS-MS@SECURITYFOCUS.COM
> Subject: Re: Null session in Windows XP
>
>
> Null sessions can *always* be established to NT4, Windows
> 2000, and Windows
> XP machines.
Eric, thank you for your answer. Maybe I'm wrong, but I cannot agree
with the above statement. When I set the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\RestrictNullSessAccess=1 (dword)
registry key in Windows 2000 and Windows NT, they simply _do_not_
let me establish a null session. They respond with an Access Denied message.
> What has changed, however, is what you are able to do once
> you establish
> the null session. In NT4 and Win2K, by default, you could enumerate
> information about users and shares. Setting
> RestrictAnonymous=1 would help
[...]
> RestrictAnonymous=2
[...]
> RestrictAnonymousSam=1 is a default setting. This prevents detailed
[...]
> RestrictAnonymous=2 (on XP) is no longer a valid setting.
[...]
Thank you for this summary; however, I know all these keys and set
them properly. Still, I can establish a null session to Windows XP. It
gives nothing to the attacker, as my computer is secured in many other ways;
however, I would like to turn it off - this is very annoying to me ;-)
Could somebody please check this out to support/discard my statement?
I could be wrong of course - I just want to be sure.
-- Tomasz Polus
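
An added example, not part of the original messages: a read-only PowerShell check that reports the registry values this thread names (RestrictNullSessAccess, RestrictAnonymous, RestrictAnonymousSam) so the settings under discussion can be compared across hosts. The Control\Lsa path, the EveryoneIncludesAnonymous value and the NullSessionPipes/NullSessionShares lists are not given in the thread and are assumptions about a standard Windows installation; the "Wanted" column holds the values the posters mention and takes no side on which poster is right.

```powershell
# Added example: read-only audit of the anonymous-access registry values
# discussed in this thread. Nothing is written to the registry.
$ccs    = 'HKLM:\SYSTEM\CurrentControlSet'
$server = "$ccs\Services\lanmanserver\parameters"   # path quoted in the thread
$lsa    = "$ccs\Control\Lsa"                        # assumption: not given in the thread

# Wanted = value the posters mention; EveryoneIncludesAnonymous is an
# assumption added here (0 keeps Anonymous out of the "Everyone" group).
$checks = @(
    @{ Path = $server; Name = 'RestrictNullSessAccess';    Wanted = 1 }
    @{ Path = $lsa;    Name = 'RestrictAnonymous';         Wanted = 1 }
    @{ Path = $lsa;    Name = 'RestrictAnonymousSam';      Wanted = 1 }
    @{ Path = $lsa;    Name = 'EveryoneIncludesAnonymous'; Wanted = 0 }
)

function Get-RegValue {
    param([string]$Path, [string]$Name)
    try {
        (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name
    } catch {
        $null   # key or value absent: the OS default applies
    }
}

$report = foreach ($c in $checks) {
    $actual = Get-RegValue -Path $c.Path -Name $c.Name
    if ($null -eq $actual)         { $status = 'NotSet' }
    elseif ($actual -eq $c.Wanted) { $status = 'Match' }
    else                           { $status = 'Differs' }
    [pscustomobject]@{
        Name   = $c.Name
        Actual = $actual
        Wanted = $c.Wanted
        Status = $status
    }
}
$report | Format-Table -AutoSize

# Pipes and shares listed here stay reachable over a null session even when
# RestrictNullSessAccess is 1 (assumption: value names are not in the thread).
foreach ($name in 'NullSessionPipes', 'NullSessionShares') {
    $list = @(Get-RegValue -Path $server -Name $name) | Where-Object { $_ }
    '{0}: {1}' -f $name, $(if ($list) { $list -join ', ' } else { '(empty or not set)' })
}
```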