How to Disable NetBIOS NULL Sessions

Windows XP Home Edition

Note: This also works in Windows 2000 and XP Professional.

1. Set the Following Registry Key: HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous=2

2. Reboot to make the changes take effect.

Windows XP Professional Edition and Windows Server 2003

1. Go to Administrative Tools --> Local Security Policy --> Local Policies --> Security Options. Make sure the following two policies are enabled:
Network Access: Do not allow anonymous enumeration of SAM accounts: Enabled (Default)
Network Access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled

This can also be accomplished using the following registry keys:
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=1 (This disallows enumeration of shares)
HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM=1 (Default, not allowing enumeration of user accounts)

2. Reboot to make the changes take effect.

Windows 2000

1. Go to --> Administrative Tools --> Local Security Settings --> Local Policies --> Security Options

2. Select "Additional restrictions of anonymous connections" in the Policy pane on the right

3. From the pull down menu labeled "Local policy setting", select: "No access without explicit anonymous permissions"

4. Click OK

5. The registry setting equivalent is: HKLM\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=2

6. Reboot to make the changes take effect.

Windows NT 4.0 (Service Pack 3 or later)

Set the Following Registry Key: HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous=1

Samba

I am not certain how this works in the latest releases of Samba. Please email me with any feedback or experiences you could provide.

일시적인 공유폴더 제거
(명령 프롬프트에서)
net share admin$ /delete
net share c$ /delete
net share ipc$ /delete

http://www.brown.edu/cis/information_security/CIRT/help/netbiosnull.php