Network access: Restrict anonymous access to Named Pipes and SharesID: oval:gov.nist.usgcb.windowsseven:def:93 | Date: (C)2012-04-13 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
When enabled, this security setting restricts anonymous access to shares and pipes to the settings for:
Network access: Named pipes that can be accessed anonymously
Network access: Shares that can be accessed anonymously
Default: Enabled.
The server service restricts unauthenticated clients access to named resources. Null sessions are a weakness that can be exploited through shares (including the default shares) on computers in your environment.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network access: Restrict anonymous access to Named Pipes and Shares
(2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters!restrictnullsessaccess
Platform: |
Microsoft Windows 7 |