Has anyone else tried to set Local Policy setting for the "Additional restrictions for anonymous connections" to "No access without explict anonymous permissions". I made this setting and in addition setup the ACL on my HKLM\System\CurrentControlSet\Control\SecurePipesServer\winreg Key to Deny access for the Everyone Group. These settings should have insured that no one (without authentication) could enumerate shares or list user accounts on my system (i.e. net use \\system\ipc$ "" /user:""
. These settings do NOT appear to funtion. They do work correctly on my NT 4.0 system, but on my Windows 2000 Pro system (w/SP1 and all critical updates) I can still get this information through the use of a null session or anonymous connection.
Could someone else verify this for me. This could be a potentially dangerous problem.
. These settings do NOT appear to funtion. They do work correctly on my NT 4.0 system, but on my Windows 2000 Pro system (w/SP1 and all critical updates) I can still get this information through the use of a null session or anonymous connection.Could someone else verify this for me. This could be a potentially dangerous problem.
