Tools like enum.exe, SmB-NetScanner.exe and null.pl allow
obtaining a list of all users from a remote SMB server via
anonymous logons (null sessions). This allows doing
brute-force password attacks afterwards.
Samba (2.2.3) allows restricting anonymous connections by
setting "restrict anonymous = yes" in smb.conf. However,
Windows clients expect to be able to retrieve certain
information anonymously, so this causes side effects like an
empty Network Neighborhood (nethood). Nevertheless, enum.exe
still lists all users on the Samba machine, so no improvement
in security is achieved.
Samba 2.2.3 shipping with Mac OS 10.2 did not allow any null
sessions. Is there any patch (or backport from the Apple
source) available for Linux Samba?
I would like to have the ability to allow anonymous
sessions from the local net (where Samba acts as domain
controller) and to deny them to everyone else.
By the way: setting
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymous =
dword:00000001 successfully inhibits enum.exe from reading
user lists from Windows machines.

Best regards, Ulrike
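An smb.conf fragment, added here as an illustration and not part of Ulrike's post, showing one way to approximate what she asks for with options Samba 2.2 already has: the host-based access lists decide who may open a session at all, and "restrict anonymous" is layered on top. The 192.168.1.0/24 range and the eth0 interface name are assumptions; this is stricter than requested, since it refuses every connection (not only anonymous ones) from outside the local net.

```ini
[global]
   ; Added example, not from the original post.
   ; Only the local net (assumed 192.168.1.0/24) and the loopback
   ; address may talk to smbd at all; everyone else is refused
   ; before any authentication, anonymous or otherwise, happens.
   hosts allow = 192.168.1. 127.
   hosts deny = ALL

   ; Keep the per-session restriction the post already mentions;
   ; on its own it did not stop enum.exe, so it is a second layer only.
   restrict anonymous = yes

   ; Optional: do not listen on non-LAN interfaces at all
   ; (interface name eth0 is an assumption; adjust to the machine).
   interfaces = eth0 127.0.0.1
   bind interfaces only = yes
```

After editing, `testparm` prints the effective configuration, and `testparm smb.conf <hostname> <ip>` reports whether a given client address would be allowed by the hosts allow/deny lists.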