Vulnerability: shares enumerated through a null session

 
05-02-2007, 04:48 PM   #1
M


I am trying to find out if this vulnerability can be corrected for Windows XPe.

We have a print device (which uses XPe as its OS) at a national laboratory.
The lab's cyber-security division performs routine scans of their network
constantly and they have issued a report for our print device regarding this
vulnerability. They were even nice enough to provide us with instructions
(for Windows XP but not XPe) for correcting this within the Administrative
Tools>Local Security Policy>Security Settings>Local Policy setting. We were
to enable two items: 'Do not allow anonymous enumeration of SAM accounts' and
'Do not allow anonymous enumeration of SAM accounts and shares.'

Dutifully, we attempted to correct this. However, the setting does not exist
in the Local Security Policy for XPe.

I was wondering if there is another setting within XPe that would serve the
same purpose. Is there a means to filter ports in XPe? Or can some network
component be turned off that addresses this issue without losing TCP/IP
connectivity?

I have checked with the manufacturer and they suggested to have the labs
filter the ports at that location. However, I was hopeful that we could find
a setting in XPe which could fix this before having to resort to that.

Thanks for reading this and double-thanks for offering a solution.

Sincerely,
Marvin McKenzie

05-02-2007, 07:24 PM   #2
JS

Have you tried creating a custom security template?

See: How to Create a Custom Security Template

http://msdn2.microsoft.com/en-us/library/ms940857.aspx


Then in your custom template, set:
Local Policies -> Security Options -> Network Access: Do Not Allow........


05-02-2007, 09:08 PM   #3
M

No, I do not have the development tools necessary to create a custom security
template.

Thanks for your suggestion.

Marvin McKenzie


05-02-2007, 09:43 PM   #4
M

I am hoping to have some other options for consideration from this community.

Thanks again for any and all responses.

Marvin McKenzie

05-02-2007, 10:03 PM   #5
KM

How about just setting it via registry?
[HKLM\SYSTEM\CurrentControlSet\Control\Lsa],"RestrictAnonymous" (dword)

Regards,
KM
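The registry route suggested in the last reply can be checked offline against a `.reg` export of the device. The following is an added example, not part of the original thread: it audits the two `Control\Lsa` values that back the two policy items named in the first post and builds the `.reg` fragment for whatever is missing. The function names and the sample export are constructed for illustration.

```python
import re

LSA_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa"
# Registry value -> the Local Security Policy item it backs (item names from the thread).
POLICIES = {
    "RestrictAnonymousSAM": "Do not allow anonymous enumeration of SAM accounts",
    "RestrictAnonymous": "Do not allow anonymous enumeration of SAM accounts and shares",
}

# Constructed sample in .reg export layout; the second key is made up to show
# that a value stored under the wrong key does not count as set.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LimitBlankPasswordUse"=dword:00000001
"RestrictAnonymous"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Constructed]
"RestrictAnonymousSAM"=dword:00000001
'''

def parse_dwords(reg_text):
    """Return {lowercased key path: {lowercased value name: int}} for all dwords."""
    keys, current = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
            if m:
                current[m.group(1).lower()] = int(m.group(2), 16)
    return keys

def audit(reg_text):
    """Map each policy value to its setting under Control\\Lsa; None means absent."""
    lsa = parse_dwords(reg_text).get(LSA_KEY.lower(), {})
    return {name: lsa.get(name.lower()) for name in POLICIES}

def remediation(findings):
    """Build a .reg fragment that sets every value that is absent or 0 to 1."""
    todo = [name for name, value in findings.items() if not value]
    if not todo:
        return ""
    lines = ["Windows Registry Editor Version 5.00", "", f"[{LSA_KEY}]"]
    lines += [f'"{name}"=dword:00000001' for name in todo]
    return "\n".join(lines) + "\n"
```
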