| VID |
27089 |
| Severity |
30 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
You can set continuous idle time for which you should be in SMB(Server Message Block) session before closing a session. You can use server resources in Each SMB session, and if the number of null session is too many, the server may be slow or fail. Some attackers can exploit this for a denial of service.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
1. Start> Run> SECPOL.MSC> Local Policies> Security Options
2. Set ¡°Microsoft Network Server: Disconnect clients when logon hours expire¡± to "Enabled"
Set ¡°Microsoft Network Server: Amount of idle time required before suspending session¡± to 15 min |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
