I have exactly the same problem. Nessus get a Null session vulnerability with RA=2 under W2K. When i try a Null connection to the server, it can't connect. I'm using nessus 1.0.10, but i had the same problem with previous stable version. I try with nessus 1.1.14, he found a Null session vulnerability. Is that a false positive in Nessus ?
Thanks, Daniel BOUR. -----Message d'origine----- De : Eddie Lee [mailto:[EMAIL PROTECTED]] Envoy� : mercredi 10 avril 2002 23:05 � : 'Renaud Deraison'; Nessus Mailing List (E-mail) Objet : RE: Null Session Actually, I usually still get a Null session vulnerability from nessus with RA=2 under 2K. Is there another way around this? I can run cybercop against the same server, and it will tell me that it can't connect using a Null session. I've had this reported back in several scans, so for me it's not an isolated incident. thanks, eddie -----Original Message----- From: Renaud Deraison [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 5:48 AM To: Nessus Mailing List (E-mail) Subject: Re: Null Session On Wed, Apr 10, 2002 at 05:45:00AM -0700, Taed Wynnell wrote: > On IIS Version: We're running Windows NT, and the only solution we could > find was to edit (ack!) W3SVC.DLL, which contains the string hard-coded. > > On Null Session: Again, on Windows NT, you can do the RestrictAnonymous > (search MS Knowledge Base), which helps a little, but doesn't get rid of > any Nessus errors. Since we need that port for domain administration and > whatnot, we can't filter it. On 2K, you can set RestrictAnonymous to 2, it should solve most of the problems encountered. -- Renaud
