[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Network access: Shares that can be accessed anonymously

ID: oval:org.secpod.oval:def:28409Date: (C)2015-10-08   (M)2017-10-26
Class: COMPLIANCEFamily: windows




This policy setting determines which network shares can be accessed by anonymous users. The default configuration for this policy setting has little effect because all users have to be authenticated before they can access shared resources on the server. Note: It can be very dangerous to add other shares to this Group Policy setting. Any network user can access any shares that are listed, which could exposure or corrupt sensitive data. Note: When you configure this setting you specify a list of one or more objects. The delimiter used when entering the list is a line feed or carriage return, that is, type the first object on the list, press the Enter button, type the next object, press Enter again, etc. The setting value is stored as a comma-delimited list in group policy security templates. It is also rendered as a comma-delimited list in Group Policy Editor?s display pane and the Resultant Set of Policy console. It is recorded in the registry as a line-feed delimited list in a REG_MULTI_SZ value. This policy setting determines which network shares can be accessed by anonymous users. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Network access: Shares that can be accessed anonymously (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters!NullSessionShares

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-38095-6
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-38095-6
XCCDF    2
xccdf_org.secpod_benchmark_general_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2012_R2

© 2013 SecPod Technologies