Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- Subject: Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
- From: James Alcasid <email@hidden>
- Date: Mon, 19 Nov 2007 10:06:12 -0500
- Thread-topic: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
They may be running Tiger, which has version 3.0.10 of Samba. Samba in Leopard is 3.0.25b.
The current open source project version is 3.0.27 as of the 15th.
Check your version in Terminal:
smbd -V
The 10.4.11 update does not address the security issue. You have several options:
Deactivate the service if it is not critical and move the files over to a system with a higher security posture with regard to SMB file sharing, or upgrade to Samba version 3.0.27.
--
James Alcasid | VTI
Department of Veterans Affairs
email@hidden
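As an added example, not part of any message in this thread: a small POSIX shell helper that parses the banner printed by `smbd -V` and compares it against the minimum version a scanner asks for (3.0.25 in the finding Bob quotes, 3.0.27 in James's advice). The version numbers come from the thread; the function names, and the assumption that Apple's Tiger and Leopard builds print banners of the form `Version 3.0.10` and `Version 3.0.25b-apple`, are this example's own. One caveat a practitioner would add: a scanner that keys on the version banner cannot see a vendor backport, so a banner below the threshold is a reason to read the vendor's security update notes, not proof by itself that the hole is open.

```shell
#!/bin/sh
# Added example: compare the Samba version from `smbd -V` with a minimum.
# Banner formats below are assumed from the thread, not verified on every build.

# Print the dotted version from an smbd -V banner, e.g.
# "Version 3.0.25b-apple" -> "3.0.25b"; prints nothing if the banner is unparseable.
samba_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^Version \([0-9][0-9.]*[a-z]*\).*/\1/p'
}

# Compare two dotted versions field by field, ignoring a trailing letter
# suffix (3.0.25b is treated as 3.0.25). Prints -1, 0 or 1.
version_cmp() {
    a=$(printf '%s' "$1" | sed 's/[a-z]*$//')
    b=$(printf '%s' "$2" | sed 's/[a-z]*$//')
    i=1
    while :; do
        fa=$(printf '%s' "$a" | cut -d. -f"$i")
        fb=$(printf '%s' "$b" | cut -d. -f"$i")
        # Both versions exhausted at the same field: equal.
        if [ -z "$fa" ] && [ -z "$fb" ]; then printf '%s\n' 0; return 0; fi
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then printf '%s\n' -1; return 0; fi
        if [ "$fa" -gt "$fb" ]; then printf '%s\n' 1; return 0; fi
        i=$((i + 1))
    done
}

# Exit 0 when the banner's version is older than the minimum ($2),
# 1 when it is at or above the minimum, 2 when the banner cannot be parsed.
samba_needs_update() {
    v=$(samba_version_from_banner "$1")
    [ -n "$v" ] || return 2
    [ "$(version_cmp "$v" "$2")" -lt 0 ]
}

# Live check of this machine's smbd, if one is installed. Tiger and Leopard
# ship smbd in the default PATH; other systems may not have it at all.
check_local_samba() {
    min=${1:-3.0.25}
    command -v smbd >/dev/null 2>&1 || { echo "smbd not found on this host"; return 3; }
    banner=$(smbd -V 2>/dev/null | head -n 1)
    if samba_needs_update "$banner" "$min"; then
        echo "smbd reports '$banner': below $min, check vendor security updates"
        return 0
    else
        rc=$?
        [ "$rc" -eq 2 ] && { echo "could not parse banner: '$banner'"; return 2; }
        echo "smbd reports '$banner': at or above $min"
        return 1
    fi
}

# Worked run against the banners named in the thread (constructed input).
samba_needs_update "Version 3.0.10" 3.0.25 && echo "Tiger banner 3.0.10: flagged against 3.0.25"
samba_needs_update "Version 3.0.25b-apple" 3.0.25 || echo "Leopard banner 3.0.25b: passes against 3.0.25"
samba_needs_update "Version 3.0.25b-apple" 3.0.27 && echo "Leopard banner 3.0.25b: flagged against 3.0.27"
```

Run `check_local_samba 3.0.25` on the Mac in question to reproduce what the scanner sees from the banner alone; the exit code distinguishes "below minimum", "at or above minimum", "unparseable banner" and "no smbd", so it can be dropped into a fleet script without further parsing.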
From: Joel Esler <email@hidden>
Date: Sat, 17 Nov 2007 17:42:47 -0600
To: "Williams, Earl M CIV SPAWAR, SSC-SD 246210" <email@hidden>
Cc: Apple Fed Talk <email@hidden>
Subject: Re: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
Obviously the scan results are flawed. 3.0.25b is the current version.
http://www.apple.com/opensource
If you can disprove part of a scan result, how can you trust the scan at all?
--
Joel Esler
Sent from the road.
On Nov 17, 2007, at 5:00 PM, "Williams, Earl M CIV SPAWAR, SSC-SD 246210" <email@hidden> wrote:
Bob,
Your guess about Windows Sharing is correct.
I too was flagged for the following network vulnerabilities last August:
HIGH VULN: SAMBA MULTIPLE BUFFER OVERFLOW VULNERABILITIES - MAY 2007
HIGH VULN: FOUND VALUE: UNIX SAMBA 3.0.10 NULL SESSION
MEDIUM VULN: MIN PASSWORD LENGTH
MEDIUM VULN: MAX PASSWORD AGE
MEDIUM VULN: ACCOUNT LOCKOUT THRESHOLD
A 29 May 2007 MacWorld article <http://www.macworld.com/news/2007/05/29/samba/index.php> suggests that all of these vulnerabilities are related solely to Windows file sharing via Samba. As soon as I disabled that on my MacBook Pro (in the Sharing pane of System Preferences), my MacBook Pro passed the security scan just fine.
Regards,
Earl Williams
On Nov 16, 2007, at 12:04 PM, email@hidden wrote:
Date: Fri, 16 Nov 2007 10:17:29 -0600
From: "Blankenship, Bob J Mr CTR USA IMCOM"
<email@hidden>
Subject: [Fed-Talk] Macs getting Flagged (UNCLASSIFIED)
To: "Apple Fed Talk" <email@hidden>
Message-ID: <email@hidden>
Content-Type: text/plain; charset="us-ascii"
Classification: UNCLASSIFIED
Caveats: NONE
The Macs in our building are getting flagged on a network scan report.
The areas we are getting flagged are password length does not meet
minimum requirements of 8 characters and password age cannot be over 90
days. We can change our passwords and that may fix the 90-day problem
but my password is 11 characters long so it already meets the minimum
length requirement. Not sure why I am getting flagged on this one unless
it is because of the shared folders I have set up. Is there somewhere on a
control panel to set the minimum password length?
The other area is "account lockout threshold" and the duration of how
many minutes before the account becomes unlocked and how many times a
user can attempt to log in before they are locked out. Anyone have
suggestions on how we change this?
The last item is multiple heap buffer overflows. They say to fix this
problem by upgrading to Samba 3.0.25 or later. Anyone know if Leopard
has this version of Samba or later? Might be a way for me to get some OS
upgrades.
We have Personal File Sharing, Windows Sharing, and Printer Sharing
turned on. I think the Windows Sharing uses Samba but not sure.
I wouldn't be surprised if somehow all this is not directly related to
Samba and Windows Sharing.
Any suggestions will be appreciated.
Thanks
Bob Blankenship
Classification: UNCLASSIFIED
Caveats: NONE
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden