May 16th, 2005, 11:30 PM
Null Sessions - explaining the risk(s) of it...
First - in case anyone was wondering, I am tasked to test the security on our servers/workstations/networks/websites, etc.
Second - my current assignment has me testing @30 servers and I am working on an explanation to a group about their security, or lack thereof, on a select number of Windows servers. One area of weakness is that I am able to connect, by way of null sessions, to some of their servers. I have a feeling that telling them I can enumerate local administrators, users, shares, permissions, group members, etc., all without using any form of authentication, will just net me puzzled looks. I have taken snapshots of what I was able to enumerate, and will be turning that over to them, but I believe I need a real-world explanation about the dangers of allowing null sessions to occur on their servers so that they will take action.
I need to tie in why the lack of security on those servers will compromise the business. Unfortunately, I do not believe I have enough expertise to bridge between what I can do technically and provide a business-like relationship to the risks, well, enough expertise to explain that to a group of users/admins who may or may not understand null sessions. I welcome your input and ideas on this.