|
|
- Uses the anonymous, passwordless connection ("NULL session")
- Enumerates shares, which is also used by WinNT in trusted domains
- grabs name of the domain administrator, allowing intruder to find the name of the administrator account
net use \\host\ipc$ "" /user:"" Install "sec-fix" hotfix or SP3/later. Edit registry key: HKLM\CurrentControlSet\Control\LSA
RestrictAnonymous
REG_DWORD
1
|
