samba security
Paul Bradshaw
bradshaw at wintermute.alumni.uoguelph.ca
Tue Jun 22 16:18:26 UTC 2004
Thanks Scot,
There's no administrator or guest account either on OS or Samba server,
so I figured it was something related to how Samba impersonates a
Windows fileshare. Samba is not actually vulnerable to any Microsoft
Windows Exploits, is it? I always just assumed it wasn't, but I want to
make sure.
Scot L. Harris wrote:
>On Mon, 2004-06-21 at 16:04, Paul Bradshaw wrote:
>
>
>>Hi there,
>>
>>I scanned my Fedora server with NeWT and found this - should I be
>>concerned about it?
>>
>>Thanks,
>>
>>...Paul
>>
>>
>>microsoft-ds (445/tcp)
>>
>>
>>
>>It was possible to log into the remote host using the following
>>login/password combinations :
>>'administrator'/''
>>'administrator'/'administrator'
>>'guest'/''
>>'guest'/'guest'
>>
>>
>
>
>Of course you should be concerned! Any good admin would. :)
>
>I just went through this with a security scan using nessus. Not sure
>about NeWT but I think it gets this based on the simple ID of the
>service running on the port.
>
>Best thing to do is actually try and log in from a remote system using
>those ids and passwords. I found that I was not able to log in using
>those ids/passwords or with null passwords.
>
>I suspect that both applications are using the same test code and report
>similar issues when there is no real issue. Need to review the code to
>see what they really are doing and why they send back a false positive
>like this.
>
>If you manually check it and it is secure then you don't need to worry.
>
>
>