Samba LDAP

From Gentoo Linux Wiki


Security problem (with PAM authentication?)

  • Download Back|Track 2, a security live CD
  • Burn the Back|Track 2 CD
  • Boot from the Back|Track 2 CD
  • Go to start->Backtrack->enumeration->SMB->SMBdumpusers
smbdumpusers -i theIPofYourComputer

Then you'll see that we are able to dump most of the user accounts from your computer.

Solution

Add the following line to /etc/samba/smb.conf:

restrict anonymous = 2

After that, you'll see that smbdumpusers no longer works:

# smbdumpusers -i 192.168.1.105
ERROR: SMBNTCreateAndX()
ERROR: SMBNTCreateAndX()
ERROR: The server might have restrict anonymous set to 2
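
To confirm that the setting is really active in the configuration file (not commented out, and not overridden by a later line), the following added example, which is not part of the original wiki page, parses an smb.conf-style file and reports the effective restrict anonymous value in [global]. The function names and the sample files are constructed for illustration, and the script assumes Samba's default of 0 when the parameter is unset.

```shell
#!/bin/sh
# Added example (not from the wiki): audit "restrict anonymous" in smb.conf.
# Not handled: "include =" files and backslash line continuations.

# Print the effective [global] value; 0 is Samba's default when unset.
restrict_anonymous_value() {
    awk '
        /^[ \t]*([#;]|$)/ { next }                 # comment or blank line
        /^[ \t]*\[/ {                              # section header
            section = tolower($0)
            sub(/^[ \t]*\[[ \t]*/, "", section)
            sub(/[ \t]*\].*$/, "", section)
            next
        }
        section == "global" && (eq = index($0, "=")) {
            name = tolower(substr($0, 1, eq - 1))
            gsub(/[ \t]/, "", name)                # names ignore case and spaces
            if (name == "restrictanonymous") {
                val = substr($0, eq + 1)
                gsub(/^[ \t]+|[ \t\r]+$/, "", val)
                found = val                        # the last assignment wins
            }
        }
        END { print (found == "" ? 0 : found) }
    ' "$1"
}

# Return 0 only when the value recommended on this page (2) is in effect.
check_restrict_anonymous() {
    v=$(restrict_anonymous_value "$1")
    if [ "$v" = "2" ]; then
        echo "OK:   $1 sets restrict anonymous = 2"
    else
        echo "WARN: $1 has restrict anonymous = $v, expected 2"
        return 1
    fi
}

# Constructed sample files, so the check can be tried without touching /etc.
demo_dir=$(mktemp -d) && trap 'rm -rf "$demo_dir"' EXIT
printf '[global]\n  workgroup = EXAMPLE\n# restrict anonymous = 2\n' > "$demo_dir/weak.conf"
printf '[Global]\n  restrict anonymous = 0\n\tRestrict  Anonymous = 2\n' > "$demo_dir/hardened.conf"
check_restrict_anonymous "$demo_dir/weak.conf" || true
check_restrict_anonymous "$demo_dir/hardened.conf"
```

On a real host, call check_restrict_anonymous /etc/samba/smb.conf after editing the file.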

Additional Information

Setting "restrict anonymous = 2" in your smb.conf will prevent some Windows clients from logging on to your domain!
