thr3ads.net - samba - [Samba] Null sid enumeration [Mar 2010]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Bryan Payne

2010-Mar-12 22:15 UTC

[Samba] Null sid enumeration

I'm needing to prevent null sid enumeration for pci reasons. It's a
samba pdc that authenticates against an openldap backend. I restrict anonymous
set to 1 but I'm still able to pull sid's using cain. I've set it to
2, but as you might expect, no one could login via windows. On the ldap end, I
restricted sambaSID attributes from being shown when searching anonymously, but
that didn't help. What else can I do to prevent null sid enumeration?

Bryan Payne

2010-Mar-16 13:31 UTC

head link

[Samba] Null sid enumeration

Anyone have any tips or advice? I'd hate for this to be the backbreaker on
pci compliance.

Seemingly Similar Threads

Samba LDAP SID and Local SID
3.0.2a: SID, User Enumeration
W2k to W2k3 winbind enumeration issue?
[lldb-dev] LLVM 7.0.0 Release
[lldb-dev] LLVM 7.0.0 Release

Search for more apparently analagous threads

samba - Mar 2010 - Null sid enumeration

[Samba] Null sid enumeration

[Samba] Null sid enumeration

Seemingly Similar Threads