I scanned my servers on vulnerabilities recently and some ubuntu servers have following issue: CIFS NULL Session Permitted
Description:NULL sessions allow anonymous users to establish unauthenticated CIFS sessions with Windows or third-party CIFS implementations such as or the . These anonymous users may be able to enumerate local users, groups, servers, shares, domains, domain policies, and may be able to access various MSRPC services through RPC function calls. These services have been historically affected by numerous vulnerabilities.
Which settings do I need to set in my smb.conf file to solve this issue?
1 Answer
In smb.conf, this is what I did:
I added / changed these lines to
map to guest = Never # Disables any login with a non-user restrict anonymous = 2 # Disables recon potential
usershare allow guests = no # Not sure exactly what this does, but looked like a good one to set to noThen, I also changed any guest_ok lines to no
guest ok = no 1