在审计期间,提出了匿名访问 IPC$(空会话)共享的问题。审计将以下内容列为 Windows 2008r2 文件服务器上的风险:
C:\>net use \\fileserver\ipc$ "" /user:""
The command completed successfully.
我已经确认配置了以下设置
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\
Network access: Allow anonymous SID/Name translation = disabled
Network access: Do not allow anonymous enumeration of SAM accounts =enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares =enabled
Network access: Let Everyone permissions apply to anonymous users=disabled
Network access: Named Pipes that can be accessed anonymously= <blank>
Network access: Shares that can be accessed anonymously= …