Microsoft Windows SMB Registry : Last Logged User Name Disclosure

info Nessus Plugin ID 11459

Synopsis

It is possible to know last logged user name.

Description

The registry key HKLM\Software\Microsoft\Windows NT\WinLogon\DontDisplayLastUserName is not set to 1.

It means that users who attempt to log in locally will see the name of the last user who logged in successfully in this computer on the screen.

Solution

Use regedt32 and set the value of this key to 1

Plugin Details

Severity: Info

ID: 11459

File Name: smb_reg_dontshowlastusername.nasl

Version: Revision: 1.14

Type: local

Agent: windows

Family: Windows

Published: 3/24/2003

Updated: 1/12/2015

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/registry_access, SMB/transport

Detections

Analytics