Electronic Books

In
addition Windows XP and 2003 have the settings of RestrictAnonymousSam,
with a default value of 1, and EveryoneIncludesAnonymous, with a default
value of 0.
The only valid option for Windows XP and 2003 for RestrictAnonymous
is either 0 or 1. Setting the RestrictAnonymous value to 0 will allow NULL
sessions to enumerate shares. Setting the RestrictAnonymous value to 1 will
limit access to the shared information.
Setting the RestrictAnonymousSam value to 0 will allow the enumeration
of user accounts. Changing the RestrictAnonymousSam value to 1 will prevent
the enumeration of local SAM accounts.
Setting the EveryoneIncludesAnonymous to a value of 0 will ensure NULL
sessions have no special rights. Setting the EveryoneIncludesAnonymous to
a value of 1 will give NULL sessions access to the Everyone group, including
any right set to that group.
For maximum security of Windows XP and 2003 the following settings
should be used:

RestrictAnonymous = 1

RestrictAnonymousSam = 1

EveryoneIncludesAnonymous = 0
These settings will allow a NULL session to occur and provide access to
shared resources to a trusted user but deny enumeration of other user
information.
Now on to the labs!
Chapter 2
Banner Identification
Banner Identification


65
Lab 1: Banner Identification
Banner Grabbing:
TELNET
Prerequisites:
None
Countermeasures:
Uninstall/disable unnecessary services, SSH, VPN,
IPSEC, banner alteration.


Pages:
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49