How to disable NULL BASE QUERY
Hi,
A recent Nessus scan reports that our Windows Server 2003 (It is DC+MSCS+Weblogic Server) has
null base query vulnerability. It allows information to be retrieved without any prior knowledge of the directory structure.
I've checked following settings based on the following KB articles but get no positive result:
http://support.microsoft.com/kb/326690
dsHeuristics attribute is not defined on the DN path as follows:
CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,Root domain in forest
http://support.microsoft.com/kb/837964
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\RestrictAnonymous registry setting is already set to 2
Is it normal behavior?? How do I disable the null base query anyway??
Your advice is greatly appreciated and thank you in advance.
June 21st, 2012 10:19am