AFP Server Share Enumeration (guest)
Info Nessus Plugin ID 45380
SynopsisThe "guest" user can access some network shares.
DescriptionThe remote AFP server allows guest users to connect to several shares.
Make sure this is in line with your organization's security policy.
SolutionIf you do not want the 'guest' user to be able to access any share on the remote system :
- On Mac OS X client, edit System Preferences -> Accounts
-> Guest and uncheck the option 'Allow guests to connect to shared folders'.
- On Mac OS X server, edit the AFP service and disable option 'Allow guests to connect'.