Summary

• Windows 2000

  • Not protected by default against NULL sessions
  • Setting RestrictAnonymous to 1 does not really improve security, using 2 is highly recommended on workstations and servers
  • Apply Update Rollup Package 1 for Windows 2000 SP4

• Windows XP

  • Protected by default against access to samr and lsarpc
  • In XP SP2, \pipe\browser can be used to reach srvsvc or wkssvc

• Windows 2003

  • Protection equivalent to Windows XP

• Active Directory domain controllers

  • Typically not protected by default against account enumeration via samr