Thanks Scot,
There's no administrator or guest account on either the OS or the Samba server, so I figured it was something related to how Samba impersonates a Windows fileshare. Samba is not actually vulnerable to any Microsoft Windows exploits, is it? I always just assumed it wasn't, but I want to make sure.
Scot L. Harris wrote:
On Mon, 2004-06-21 at 16:04, Paul Bradshaw wrote:
Hi there,
I scanned my Fedora server with NeWT and found this - should I be concerned about it?
Thanks,
...Paul
microsoft-ds (445/tcp)
It was possible to log into the remote host using the following
login/password combinations :
'administrator'/''
'administrator'/'administrator'
'guest'/''
'guest'/'guest'
Of course you should be concerned! Any good admin would. :)
I just went through this with a security scan using nessus. Not sure
about NeWT but I think it gets this based on the simple ID of the
service running on the port.
Best thing to do is actually try and log in from a remote system using
those ids and passwords. I found that I was not able to log in using
those ids/passwords or with null passwords.
I suspect that both applications are using the same test code and report similar issues when there is no real issue. Need to review the code to see what they really are doing and why they send back a false positive like this.
If you manually check it and it is secure then you don't need to worry.