Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- From: "Williams, Earl M CIV SPAWAR, SSC-SD 246210" <email@hidden>
- Date: Sat, 17 Nov 2007 15:00:20 -0800
- Thread-topic: Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
Bob,

Your guess about Windows Sharing is correct.

I too was flagged for the following network vulnerabilities last August:

HIGH VULN: SAMBA MULTIPLE BUFFER OVERFLOW VULNERABILITIES - MAY 2007
HIGH VULN: FOUND VALUE: UNIX SAMBA 3.0.10 NULL SESSION
MEDIUM VULN: MIN PASSWORD LENGTH
MEDIUM VULN: MAX PASSWORD AGE
MEDIUM VULN: ACCOUNT LOCKOUT THRESHOLD

A 29 May 2007 MacWorld article <http://www.macworld.com/news/2007/05/29/samba/index.php> suggests that all of these vulnerabilities are related solely to Windows file sharing via Samba. As soon as I disabled that on my MacBook Pro (in the Sharing pane of System Preferences), my MacBook Pro passed the security scan just fine.

Regards,
Earl Williams

On Nov 16, 2007, at 12:04 PM, email@hidden wrote:

Date: Fri, 16 Nov 2007 10:17:29 -0600
From: "Blankenship, Bob J Mr CTR USA IMCOM" <email@hidden>
Subject: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
To: "Apple Fed Talk" <email@hidden>
Message-ID: <email@hidden>
Content-Type: text/plain; charset="us-ascii"

Classification: UNCLASSIFIED
Caveats: NONE

The Macs in our building are getting flagged on a network scan report.

The areas we are getting flagged are password length does not meet minimum requirements of 8 characters and password age cannot be over 90 days. We can change our passwords and that may fix the 90-day problem but my password is 11 characters long so it already meets the minimum length requirement. Not sure why I am getting flagged on this one unless it is because of the shared folders I have set up. Is there somewhere on a control panel to set the minimum password length?

The other area is "account lockout threshold" and the duration of how many minutes before the account becomes unlocked and how many times a user can attempt to log in before they are locked out. Anyone have suggestions on how we change this?

The last item is Multi heap buffer overflows. They say to fix this problem by upgrading to Samba 3.0.25 or later. Anyone know if Leopard has this version of Samba or later? Might be a way for me to get some OS upgrades.

We have Personal File Sharing, Windows Sharing, and Printer Sharing turned on. I think the Windows Sharing uses Samba but not sure.

I wouldn't be surprised if somehow all this is not directly related to Samba and Windows Sharing.

Any suggestions will be appreciated.

Thanks
Bob Blankenship

Classification: UNCLASSIFIED
Caveats: NONE