On Mon, 2004-03-08 at 02:51, fire-eyes wrote: > I'm runninng samba 3.0.2a on a few machines, ADS security mode, domain > member roles. I throw nessus at it, and it can fetch the SID and then > list all of the users on the system. > > I view this as a security problem, is there a way to prevent this?
Firstly, nessus is a bit over-the-top at times. That said, you may run Samba in 'restrict anonymous' mode by setting the smb.conf parameter. 'restrict anonymous = 2' will keep nessus at bay, but also break any network browsing function your machine may be playing. You cannot set this on a PDC. See the manpage the and MS knowlege base articles mentioned in it. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
