CIFS NULL session permitted

How to disable CIFS NULL sessions on a Linux server to meet compliance requirements?

rpcclient can help retrieve details about this server. Log in as an anonymous user:

rpcclient -U "" server_name

Once logged in, run either of these commands:

srvinfo
querydominfo

To leave rpcclient, run the quit command.

If you were able to log in and either command displays details, then CIFS NULL sessions are permitted.

To disable it, add the following parameters to your smb.conf file:

guest account = nobody
restrict anonymous = 1

Check the Samba configuration file syntax with:

testparm smb.conf

Restart the Samba daemons:

service smb restart
service nmb restart
service winbind restart

Run either of the commands again in a new rpcclient session.
No information should be available now.
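
As an added example (not part of the original post), this shell snippet checks an smb.conf for the two parameters above before the daemons are restarted. The function names and the sample file are constructed for illustration; it reads only an explicit [global] section and does not follow include directives.

```shell
#!/bin/sh
# Added example: audit an smb.conf for the settings described above.
# smb.conf rules honoured: section and parameter names are case-insensitive,
# spaces inside parameter names are ignored, '#' and ';' start comment lines.
# Simplification: only an explicit [global] header is read, no "include".

# get_global_param FILE "param name" -> prints the last value set in [global]
get_global_param() {
    awk -v want="$2" '
        function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }
        BEGIN { want = norm(want); section = "" }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
        /^[ \t]*\[/ {
            s = $0; sub(/^[ \t]*\[/, "", s); sub(/\].*$/, "", s)
            section = tolower(s); gsub(/^[ \t]+|[ \t]+$/, "", section); next
        }
        section == "global" {
            eq = index($0, "=")
            if (eq == 0) next
            name = norm(substr($0, 1, eq - 1))
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (name == want) found = val
        }
        END { if (found != "") print found }
    ' "$1"
}

# audit_null_session FILE -> returns 0 if "restrict anonymous" is 1 or 2
audit_null_session() {
    ra=$(get_global_param "$1" "restrict anonymous")
    ga=$(get_global_param "$1" "guest account")
    echo "restrict anonymous = ${ra:-<unset, Samba default is 0>}"
    echo "guest account = ${ga:-<unset>}"
    case "$ra" in
        1|2) return 0 ;;
        *)   return 1 ;;
    esac
}

# Constructed sample: odd case and spacing that Samba still accepts, a
# commented-out setting, and a share-level line that must not count.
sample=$(mktemp)
printf '%s\n' '[Global]' '  ; restrict anonymous = 0' \
    '  Restrict Anonymous = 1' '  guestaccount = nobody' \
    '[share]' '  restrict anonymous = 0' > "$sample"
audit_null_session "$sample" && echo "PASS" || echo "FAIL"
rm -f "$sample"
```

A passing result only means the file contains the setting; the rpcclient re-test above is still what confirms the running server refuses anonymous queries.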
