Re: Disable Null Sessions



What tools are you using? Many report false positives in that you can
connect to the IPC$ but are unable to enumerate any further information like
user accounts and domain machines.

So basically if your tools state you have null sessions enabled but do
not retrieve account information then you're fixed.

Try the Nessus tool as an example.

Rgds


On 12/01/2010 21:08, in article eLIrmo8kKHA.5020@xxxxxxxxxxxxxxxxxxxx,
"James" <acidflea@xxxxxxxxxxx> wrote:

We had an audit and were told to disable null sessions on all of our
servers. I found that we could use group policy to accomplish this. I have
enabled the following settings on a test OU and moved a server to that OU.

Network access: Do not allow anonymous enumeration of SAM accounts: Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled

I was wondering the easiest way to verify that the null sessions have been
disabled? I downloaded a few applications that stated they would check this.
When I try to test I get the same results on my existing servers as I do on
the server that I put in the test OU with the GPO.


Thanks,
James
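
One way to confirm, independently of any scanner, that the two settings named in the original post are in effect on a server is to read the registry values those policies set. This is an added example, not part of the thread; the server names are hypothetical placeholders and the remote branch assumes PowerShell remoting is enabled.

```powershell
# Added example. Each GPO setting from the post maps to a DWORD under
# HKLM\SYSTEM\CurrentControlSet\Control\Lsa; 1 means the restriction is on.
$Expected = @(
    [pscustomobject]@{
        Policy = 'Network access: Do not allow anonymous enumeration of SAM accounts'
        Name   = 'RestrictAnonymousSAM'; Value = 1 },
    [pscustomobject]@{
        Policy = 'Network access: Do not allow anonymous enumeration of SAM accounts and shares'
        Name   = 'RestrictAnonymous'; Value = 1 }
)

function Get-AnonymousEnumerationPolicy {
    param([string[]]$ComputerName = @($env:COMPUTERNAME))

    # Reads the requested value names from the Lsa key on the machine it runs on.
    $read = {
        param($names)
        $props = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
        $out = @{}
        foreach ($n in $names) { $out[$n] = $props.$n }   # $null when the value is absent
        $out
    }

    $names = @($Expected | ForEach-Object { $_.Name })
    foreach ($computer in $ComputerName) {
        if ($computer -eq $env:COMPUTERNAME) {
            $actual = & $read $names
        } else {
            # Assumption: WinRM / PowerShell remoting is available on the target.
            $actual = Invoke-Command -ComputerName $computer -ScriptBlock $read -ArgumentList (,$names)
        }
        foreach ($e in $Expected) {
            [pscustomobject]@{
                Computer      = $computer
                RegistryValue = $e.Name
                Actual        = $actual[$e.Name]
                Applied       = ($actual[$e.Name] -eq $e.Value)
                Policy        = $e.Policy
            }
        }
    }
}

# Compare the server in the test OU with an existing server (hypothetical names).
Get-AnonymousEnumerationPolicy -ComputerName 'TESTOU-SRV01', 'EXISTING-SRV01' |
    Format-Table Computer, RegistryValue, Actual, Applied -AutoSize
```

If `Applied` is False on the test-OU server, the policy has not reached that machine, which would explain identical tool results on both servers.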


