Enumeration, Microsoft Windows

Disable NetBIOS NULL Sessions

Use Registry Editor to view the following registry key, and then add the following value to this key, or modify it if the value already exists:


Value: RestrictAnonymous
Value Type: REG_DWORD
Value Data: 0x2 (Hex)

0 None. Rely on default permissions
1 Do not allow enumeration of SAM accounts and names
2 No access without explicit anonymous permissions

Restart the computer after any change to the RestrictAnonymous key in the registry.

When the RestrictAnonymous registry value is set to 2, the access token built for non-authenticated users does not include the Everyone group, and because of this, the access token no longer has access to those resources which grant permissions to the Everyone group.