NetBIOS Security

G

Gilbert

Hi everyone, recently we had an auditor evaluate our W2K machines and he is
telling us that our NetBIOS security is not secure enough. He listed the
following details:

LSAAnonymousNameLookup - Set to 0
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\NoLMHash - Set to 1
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\DisableDomainCreds - Set to 1
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner - Set to 0
HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel - Set to 3

Problem: I can only verify that W2K registry supports NoLMHash and
LmCompatibilityLevel.

Question: Does setting LSAAnonymousNameLookup, DisableDomainCreds, and
NoDefaultAdminOwner have any effect on W2K or does it only apply to XP/W2K3.

Thanks a million!
 
M

Mark Burnett

You are correct that those settings do not apply to Win2k, they were
introduced in Windows XP. However, it doesn't hurt to go ahead and set them
and it always makes your audits come out cleaner.


Mark Burnett
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

problems resetting Vista security back to defaults 0
Complex passwords - PASSFILT 1
resetting security permissions not working 2
Corresponding registy for security option ? 3
Vista Home Premium does not retain network password 5
Linux with pre-RC1 and or RC1 6
Exchange password: how to save? 1
connect windows vista to mac 2

Top