Actually, I usually still get a Null session vulnerability from nessus with RA=2 under 2K. Is there another way around this? I can run cybercop against the same server, and it will tell me that it can't connect using a Null session. I've had this reported back in several scans, so for me it's not an isolated incident.
thanks, eddie -----Original Message----- From: Renaud Deraison [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 5:48 AM To: Nessus Mailing List (E-mail) Subject: Re: Null Session On Wed, Apr 10, 2002 at 05:45:00AM -0700, Taed Wynnell wrote: > On IIS Version: We're running Windows NT, and the only solution we could > find was to edit (ack!) W3SVC.DLL, which contains the string hard-coded. > > On Null Session: Again, on Windows NT, you can do the RestrictAnonymous > (search MS Knowledge Base), which helps a little, but doesn't get rid of > any Nessus errors. Since we need that port for domain administration and > whatnot, we can't filter it. On 2K, you can set RestrictAnonymous to 2, it should solve most of the problems encountered. -- Renaud
