How to disable CIFS NULL session permitted on a Linux server to meet compliance requirements ?
rpcclient can help retrieve details about this server. Log in with an anonymous user :
rpcclient -U "" server_name
Once logged in, run either of these commands :
To leave rpcclient, run the quit command.
If you were able to logged in and if any of the commands display details, then CIFS null session is permitted.
To disable it, add the following parameters to your smb.conf file :
guest account = nobody
restrict anonymous = 1
Check Samba configuration file syntax with :
Restart Samba daemons :
service smb restart
service nmb restart
service winbind restart
Run once again any of the commands within a new rpcclient session.
Any information should be available now.