samba security

Scot L. Harris webid at cfl.rr.com
Mon Jun 21 20:12:56 UTC 2004


On Mon, 2004-06-21 at 16:04, Paul Bradshaw wrote:
> 
> Hi there,
> 
> I scanned my Fedora server with NeWT and found this - should I be 
> concerned about it? 
> 
> Thanks,
> 
> ...Paul
> 
> 
> microsoft-ds (445/tcp)
>
> It was possible to log into the remote host using the following
> login/password combinations :
> 'administrator'/''
> 'administrator'/'administrator'
> 'guest'/''
> 'guest'/'guest'


Of course you should be concerned! Any good admin would.  :)

I just went through this with a security scan using Nessus.  Not sure
about NeWT but I think it gets this based on the simple ID of the
service running on the port.

Best thing to do is actually try to log in from a remote system using
those ids and passwords.  I found that I was not able to log in using
those ids/passwords or with null passwords.

I suspect that both applications are using the same test code and report
similar issues when there is no real issue.  Need to review the code to
see what they really are doing and why they send back a false positive
like this.

If you manually check it and it is secure then you don't need to worry.

-- 
Scot L. Harris
webid at cfl.rr.com

Man belongs wherever he wants to go.
		-- Wernher von Braun 
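
Added example, not part of the original message: one way to do the manual check described above, re-trying the four reported login/password pairs with smbclient from a remote system. It assumes smbclient is installed and that the host is given as the first argument; the verdict names and function names are made up for this sketch.

```shell
#!/bin/sh
# Re-test the scanner's four login/password pairs against your own server.
# Usage: sh smbcheck.sh <host>

# Pairs copied from the scan report quoted above; "user:" is an empty password.
PAIRS="administrator: administrator:administrator guest: guest:guest"

# classify_result EXIT_STATUS OUTPUT -> prints one verdict word.
classify_result() {
    rc=$1
    output=$2
    case $output in
        *"Anonymous login successful"*)
            # smbclient fell back to an anonymous session: the named
            # account itself was not what got accepted.
            echo ANONYMOUS; return ;;
        *NT_STATUS_LOGON_FAILURE*|*NT_STATUS_ACCESS_DENIED*|*NT_STATUS_ACCOUNT_DISABLED*)
            echo REJECTED; return ;;
    esac
    if [ "$rc" -eq 0 ]; then
        echo ACCEPTED       # session set up with the supplied credentials
    else
        echo INCONCLUSIVE   # timeout, refused connection, name lookup, ...
    fi
}

# check_pair HOST USER PASS -> prints the verdict for one pair.
check_pair() {
    out=$(smbclient -L "//$1" -p 445 -U "$2%$3" 2>&1 </dev/null)
    classify_result "$?" "$out"
}

main() {
    host=$1
    bad=0
    for pair in $PAIRS; do
        user=${pair%%:*}
        pass=${pair#*:}
        verdict=$(check_pair "$host" "$user" "$pass")
        printf "%-17s / %-17s %s\n" "'$user'" "'$pass'" "$verdict"
        [ "$verdict" = REJECTED ] || bad=1
    done
    return "$bad"
}

# Only touch the network when a host is given on the command line.
if [ "$#" -ge 1 ]; then main "$1"; fi
```

An INCONCLUSIVE line means the connection itself failed, so it says nothing about the finding; ANONYMOUS means the server allowed a null session rather than the named login.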
