Network Access: Must prevent NTLM from falling back to a Null session

PingSentry | Blog | System32 | GitHub | Free tools

Network Access: Must prevent NTLM from falling back to a Null session

793452ad-d37f-461b-a270-cc4e0ea1c2a5

NTLM sessions that are allowed to fall back to Null (unauthenticated) sessions may gain unauthorized access.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ Network security: Allow LocalSystem NULL session fallback to "Disabled".

STIG:
Server 2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254471
Server 2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2022-03-01/finding/V-205917 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93297
Server 2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-225050 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73681

Desktop:
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2022-04-08/finding/V-220934 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220934
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253458

Tags

stig-medium-server compliance-server security-server stig-medium-desktop compliance-desktop security-desktop nist800-171-desktop nist800-171-server cmmc-l2-desktop cmmc-l2-server cmmc2-l2-desktop cmmc2-l2-server