On Thu, Apr 11, 2002 at 10:42:36AM -0400, Darth Maul wrote:
> I think that the plug-in should reflect the difference between when IPC$ can
> and can't be accessed. However, either way, it's still a hole as I now see.
> Up until now, when RA=2 we were just writing this off as a false positive and
> ignoring it. I think changes to the plug-in to reflect the difference would
> avoid this confusion for other people.
Good point - done :

With RA=1 or not set, the plugin returns :

It was possible to log into the remote host using a NULL session.
The concept of a NULL session is to provide a null username and
a null password, which grants the user the 'guest' access

To prevent null sessions, see MS KB Article Q143474. Note that
this won't completely disable null sessions.

With RA=2, the plugin returns :

. It was possible to log into the remote host using a NULL session,
but the IPC$ share could not be connected to, which makes this problem
rather harmless.

The concept of a NULL session is to provide a null username and
a null password, which grants the user the 'guest' access

There is no solution to disable null sessions completely
----
-- Renaud