Microsoft Windows SMB Registry : Dial-In Enabled

medium Nessus Plugin ID 11458

Synopsis

Dial-in access is enabled.

Description

Dial-in access is enabled on the remote Windows host. Provided a modem is installed, attackers may be able to dial into this host, bypassing firewall restrictions, and gaining access to the internal network.

Solution

Edit the registry and set the value of the registry key 'HKLM\Software\Microsoft\Windows\Policies\Network\nodialin' to 1.

Plugin Details

Severity: Medium

ID: 11458

File Name: smb_reg_nodialin.nasl

Version: Revision: 1.15

Type: local

Agent: windows

Family: Windows

Published: 3/24/2003

Updated: 1/12/2015

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Vector: CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/registry_access, SMB/transport

Detections

Analytics