Yes, it was "known" in that sense, but we wanted it confirmed by the Microsoft engineering group that there was no OTHER way to prevent it (other than filtering the NetBIOS ports completely) on Windows NT.
-----Original Message----- From: Michel Arboi [mailto:[EMAIL PROTECTED]] Sent: Thursday 26 September 2002 11:04 AM To: Nessus Mailing List (E-mail) Subject: Re: Null session log in Taed Wynnell <[EMAIL PROTECTED]> writes: > We submitted a Microsoft Premier Support issue on this topic, and they > confirmed that there is no way to prevent what Nessus does on Windows NT. > On Windows 2000 and up, it can be prevented with "RestrictAnonymous=2". It seems that this problem was already known: http://www.securityfriday.com/Topics/restrictanonymous.html http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0078.html (off topic) Please note that restricting anonymous SMB sessions may break some functions (inter-domain trust...) - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
