hi we ran nessus against our windows 2000 active directory domain controller. it found
Vulnerability
ldap (389/tcp)
improperly configured LDAP servers will allow any user to connect to the
server and query for information.
the solution was: Disable NULL BASE queries on your LDAP server
nessus also referenced the MS knowledge base link
at http://www.microsoft.com/technet/security/bulletin/ms99-009.mspx
this vulnerability seems specific to MS Exchange prior to SP2. our server
is not running any versions of exchange. However, it is a Win2K AD DC. We
tried to disable NULL bind on this machine by setting the LSA on these
machines to '2', which should keep folks from being able to
look up domain resources anonymously... Nessus still claims the
vulnerability is there. We also set RestrictNullSessAccess in the
registry to 1. Again, Nessus still claims the vulnerability is there...
what specific configuration can you do to a windows 2000 active directory
domain controller to get rid of this particular nessus error message?
what exactly is a 'NULL bind', and does this issue even pertain to a
windows 2000 server that is not running MS Exchange?
if so, what is the fix for this problem if you're not running MS Exchange?
thanks
redmond
--
Redmond Militante
Software Engineer / Medill School of Journalism
FreeBSD 5.2.1-RELEASE-p1 #0: Tue Mar 9 05:18:02 CST 2004 i386
3:30AM up 4 days, 3:28, 5 users, load averages: 0.08, 0.08, 0.10
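
For reference on the two terms used in the message above, an added example (not part of the original post, and not Nessus code): it hand-encodes an LDAPv3 anonymous simple bind with empty name and password (the "NULL bind") and a base-scope search on the empty DN (the "NULL BASE" query), then classifies a server reply. The function names and the sample replies are constructed for illustration.

```python
# Added example; helper names are hypothetical, sample replies are constructed.

def tlv(tag, value=b""):
    """BER tag-length-value; short-form length (<128) covers these requests."""
    assert len(value) < 128, "short-form length only"
    return bytes([tag, len(value)]) + value

def anonymous_bind(msg_id=1):
    """BindRequest with empty name and empty simple password (the NULL bind)."""
    op = tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04) + tlv(0x80))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)

def null_base_search(msg_id=2):
    """SearchRequest on the empty DN, scope baseObject, filter (objectClass=*)."""
    op = tlv(0x63,
             tlv(0x04)                    # baseObject "" = the NULL BASE
             + tlv(0x0A, b"\x00")         # scope: baseObject
             + tlv(0x0A, b"\x00")         # derefAliases: never
             + tlv(0x02, b"\x00")         # sizeLimit: no limit
             + tlv(0x02, b"\x00")         # timeLimit: no limit
             + tlv(0x01, b"\x00")         # typesOnly: FALSE
             + tlv(0x87, b"objectClass")  # filter: attribute present
             + tlv(0x30))                 # attributes: empty list
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)

def read_tlv(buf, pos=0):
    """Decode one TLV, accepting long-form lengths (0x81..0x84) in replies."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long form: low 7 bits = octet count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def classify(reply):
    """Report what the first LDAPMessage in a server reply is."""
    _, msg, _ = read_tlv(reply)
    _, _, pos = read_tlv(msg)             # skip messageID
    tag, op, _ = read_tlv(msg, pos)
    if tag == 0x64:                       # SearchResultEntry
        return "entry returned"
    if tag in (0x61, 0x65):               # BindResponse / SearchResultDone
        _, code, _ = read_tlv(op)
        return f"resultCode {code[0]}"
    return f"unexpected op 0x{tag:02x}"

# Constructed sample replies, not captured from a real server.
SAMPLE_BIND_OK = bytes.fromhex("300c02010161070a010004000400")
SAMPLE_ENTRY = bytes.fromhex("30840000000d02010264840000000404003000")
SAMPLE_DENIED = bytes.fromhex("300c02010265070a013204000400")
```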
