Re: Problem Disabling "Null Session" on W2K3
- From: warl0ck@xxxxxxxxxxx
- Date: 15 Nov 2006 12:50:49 -0000
Do this
1. Go to Administrative Tools --> Local Security
Policy --> Local Policies --> Security Options.
Make sure the following two policies are enabled:
a. Network Access: Do not allow anonymous enumeration of SAM accounts: Enabled (Default)
b.Network Access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled
Or this can also be accomplished using the following registry keys:
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=1 (This disallows enumeration of shares)
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=1 (Default, not allowing enumeration of user accounts)
and then Reboot to make the changes take effect.
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- Prev by Date: Re: Centralizing logs throug internet
- Next by Date: RE: Unauthorised switchport access
- Previous by thread: RE: Problem Disabling "Null Session" on W2K3
- Next by thread: VLANs confusing
- Index(es):
Relevant Pages
|
