Thanks for the reply. I have googled and tried different solutions before posting here. I thought that someone may encounter the same audit issues. I tried the workaround mentioned in the link, but it didn't work. Samba needs an existing unix account.

Ying
________________________________
From: Frank Gruman [mailto:[email protected]]
Sent: Wednesday, May 27, 2009 10:27 PM
To: Xu, Ying (Houston)
Cc: [email protected]
Subject: RE: [Samba] Vulnerabilities reported by Qualys scan

On Wed, 2009-05-27 at 10:41 -0500, Xu, Ying (Houston) wrote:

Did anyone encounter this kind of audit issue at all?

Thanks
Ying

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Xu, Ying (Houston)
Sent: Friday, May 22, 2009 11:01 AM
To: [email protected]
Subject: [Samba] Vulnerabilities reported by Qualys scan

We are running samba services on several solaris10 servers for the users that need to read reports/logs on their windows workstation. The shares are shared read-only and allow the guest account, since most of the users do not have unix accounts.

Our company recently started Qualys scans on all servers, and we need to address the vulnerabilities reported. We are getting the following vulnerabilities regarding the samba services:

Remote User List Disclosure Using NetBIOS (CVE-2000-1200)
Null Session/Password NetBIOS Access (CVE-1999-0519)

Is there any way to address this besides disabling the guest account?

Thanks
Ying Xu <[email protected]>
Unix Group

I used to run into security scans and mitigation requirements all the time. From a variety of scan tools...

A _VERY_ brief Google search (CVE-2000-1200 samba) led me to http://www.rapid7.com/vulndb/lookup/cifs-nt-0002 where you can find instructions on mitigating that issue (there are Windows sections, a Samba section, and a Novell section - just scroll).

The second issue was also found with a similar search and results - http://www.rapid7.com/vulndb/lookup/cifs-nt-0001.

I have typically found that these scan tools will give you a general idea of how to mitigate these issues (perhaps Windows-centric in this case) but still a hint nonetheless. Even Qualys gives you that much.
Regards,
Frank
