That would certainly be useful, as I cannot set restrictanonymous=2 on my network as too many other issues crop up. Would it be possible to note these items in the actual plugins? Or to have two sets of tests, one which uses LsaLookups and one which does not?
Thanks! -----Original Message----- From: Taed Wynnell [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 26, 2002 11:12 AM To: 'Michel Arboi' Cc: Nessus Mailing List (E-mail) Subject: RE: Null session log in Yes, it was "known" in that sense, but we wanted it confirmed by the Microsoft engineering group that there was no OTHER way to prevent it (other than filtering the NetBIOS ports completely) on Windows NT. -----Original Message----- From: Michel Arboi [mailto:[EMAIL PROTECTED]] Sent: Thursday 26 September 2002 11:04 AM To: Nessus Mailing List (E-mail) Subject: Re: Null session log in Taed Wynnell <[EMAIL PROTECTED]> writes: > We submitted a Microsoft Premier Support issue on this topic, and they > confirmed that there is no way to prevent what Nessus does on Windows NT. > On Windows 2000 and up, it can be prevented with "RestrictAnonymous=2". It seems that this problem was already known: http://www.securityfriday.com/Topics/restrictanonymous.html http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0078.html (off topic) Please note that restricting anonymous SMB sessions may break some functions (inter-domain trust...) - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body. - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
