Detections
Analytics
3.018 - Anonymous enumeration of shares must be restricted.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
Allowing anonymous logon users (null session connections) to list all account names and enumerate all shared resources can provide a map of potential points to attack the system.Solution
Configure the policy values for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' to 'Enabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_7_V1R32_STIG.zip
Item Details
Audit Name: DISA Windows 7 STIG v1r32
Category: ACCESS CONTROL
References: 800-53|AC-6(10), CAT|I, CCI|CCI-001090, CSCv6|16, Rule-ID|SV-25090r2_rule, STIG-ID|3.018, Vuln-ID|V-1093
Plugin: Windows
Control ID: 408365fcbc07c6f3cec8773414415cf8be51618e308aa23f6057fd59d5e40a11