Re: samba security


 



Paul Bradshaw wrote:
> I scanned my Fedora server with NeWT and found this - should I be 
> concerned about it? 
<snip>
> microsoft-ds (445/tcp)
> 
> It was possible to log into the remote host using the following
> login/password combinations :
> 'administrator'/''
> 'administrator'/'administrator'
> 'guest'/''
> 'guest'/'guest'
> 
> It was possible to log into the remote host using a NULL session.
> The concept of a NULL session is to provide a null username and
> a null password, which grants the user the 'guest' access
> 
> To prevent null sessions, see MS KB Article Q143474 (NT 4.0) and
> Q246261 (Windows 2000).
> Note that this won't completely disable null sessions, but will
> prevent them from connecting to IPC$

Um. I've a feeling that this is the way Samba works.

/usr/share/doc/samba-3.0.3/docs/htmldocs/Samba-Guide.html says:
# The IPC$ share serves a vital purpose[1] in SMB/CIFS based
# networking. A Windows client connects to this resource to obtain the
# list of resources that are available on the server. The server
# responds with the shares and print queues that are available. In most
# but not all cases, the connection is made with a NULL username and a
# NULL password.

So it looks to me as though Windows, by default, connects to Samba with
a null username and a null password, to see which shares are available.
(This is necessary because different shares on the same machine can have
different passwords for the same user: think about the case when the
password is per-share, not per-user).

So an SMB server needs to export a list of all shares available without
(real) password authentication. This is a limit of the way Windows
networking works.

So, presumably, Samba exports this information to any client with any
username/password pair (the data is available to any interested client,
anyway) since the programmers want Samba to work even when the client
sends something different.

It looks to me as though this is all NeWT is testing.

Real password security (or the SMB approximation thereto) is only used
when the client actually connects to one of the "real" shares.

I'd like to find some better documentation. Is there anyone who knows
Samba better who would like to comment?

Paul, if you're still interested or worried, could you ask the same
question of the Samba mailing lists, and report the answer back?

Thanks,

James.

-- 
E-mail address: james@ | Mike Andrews' Corollary to Murphy's Law:
westexe.demon.co.uk    | In any sufficiently large collection of texts, every
                       | possible misspeeling, as well as some that are not
                       | possible, will occur.


