@Netstaff what he means null session is allowed to domain controllers
and RDS server. you can configure group policy and disable null session
if any on any server/pc but the policy will not be apply on Domain
controllers.(i already tried). thus a hacker can use null session and
get the list of users...
Hello, How would I go about opening a support case? And if MS decides to
say whatever the problem is is not a bug, what kind of charge would be
expected?
They are nearly as legacy as Mailslots, they've had historical security
issues, and in some cases, we've blocked their use by default (such as
when using SMB over QUIC).
Thanks for the info.But why are Named Pipes less recommended? With
Sockets you have the problem that you have to choose a port number and
probably create proprietary firewall exceptions.
Hi. I'd recommend switching to Windows Sockets (About Winsock - Win32
apps | Microsoft Learn) or - less recommended - Named Pipes (Named Pipes
- Win32 apps | Microsoft Learn).
Latest Comments