• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Protection from null sessions

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows

View previous topic :: View next topic  
Author Message
dissolved
Just Arrived
Just Arrived


Joined: 02 Dec 2003
Posts: 0


Offline

PostPosted: Wed Feb 09, 2005 3:58 pm    Post subject: Protection from null sessions Reply with quote

Does turning off file and print sharing protect me from null sessions, or do I need to do the change in Local Policy (Do not allow without explicit permissions etc)
thanks
Back to top
View user's profile Send private message
larsmhansen
Trusted SF Member
Trusted SF Member


Joined: 11 Jan 2003
Posts: 0
Location: Boston, MA, USA

Offline

PostPosted: Wed Feb 09, 2005 5:32 pm    Post subject: Reply with quote

Do the change in the Local Policy Editor.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
chalkspray
Just Arrived
Just Arrived


Joined: 09 Feb 2005
Posts: 0


Offline

PostPosted: Wed Feb 09, 2005 7:24 pm    Post subject: Reply with quote

The policy change would allow you to continue share files on the computer, but if file sharing is unchecked/removed from the network connection, netbios will still run but no file sharing can take place, thus no null sessions can take place.
Back to top
View user's profile Send private message
dissolved
Just Arrived
Just Arrived


Joined: 02 Dec 2003
Posts: 0


Offline

PostPosted: Wed Feb 09, 2005 7:28 pm    Post subject: Reply with quote

thanks guys
Back to top
View user's profile Send private message
Rowdy Yates
Just Arrived
Just Arrived


Joined: 20 Oct 2004
Posts: 1


Offline

PostPosted: Wed Feb 09, 2005 9:38 pm    Post subject: Reply with quote

http://rusecure.rutgers.edu/add_sec_meas/nullssn.php

RY
Back to top
View user's profile Send private message
Sgt_B
Trusted SF Member
Trusted SF Member


Joined: 28 Oct 2002
Posts: 16777215
Location: Chicago, IL US

Offline

PostPosted: Thu Feb 10, 2005 2:10 am    Post subject: Reply with quote

From regedit....

HLKM\SYSTEM\CurrentControlSet\Control\Lsa

There's an entry there called "restrictanonymous". It has three settings.
0 = allows anonymous access (null sessions)
1 = restricts info a user is able to get via null sessions but still allows them
2 = disables anonymous access. No more null sessions.
That's on win2k anyway. Works on NT too. XP might be stupid.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Windows All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register