SecPoint - Best IT Security
The best Innovative and powerful IT Security products

Encyclopedia / Encyclopedia Part 5 /

What is a Null Session? 

Windows has its own way of characterizing an anonymous user and this is through the process of the null session. The null sessions are the unauthenticated sessions of the Server Message Block (SMB), which is the core network protocol of the Windows operating system. It is a type of communication in which the function focuses mainly on supplying foundation of network file as well as print sharing services.

One can generate a null session with the use of a Windows

Net program in order to perform connection mapping while utilizing a blank name and password. According to the experts, the sole purpose of this Windows process is to aid in the call for RPC operations on a remote system in a very discreet manner.
Of course, like any other processes, the null session also has its own security hole that is deemed vulnerable to attacks by some vicious online criminals. The attacker can utilize the vulnerability in the null session in order to connect to an unprotected inter process communication (IPC$) share of the Windows system even from afar or over the web.
It will be very easy for malicious crooks to exploit an unsecured Windows system by entering some codes at the Windows command prompt. Based on studies, the attacker will just have to basically enter “net use ip_addressipc$” and “/user:” at the command prompt in order to easily gain access into the system.
There are other applications an invader may use in order to successfully carry out his plans and these are the Winfo, Walksam, and some sorts of Windows Resource Kit tools. There are also the net programs that are components of Windows, meant specifically for collecting large amount of information from the system. These devices may only be utilized after a null session has already been launched manually. The kinds of information that can be amassed even without logging in are the following: share names, security policy settings, user ID, and the users who are still logged in.
 Vulnerability Scanner - Vulnerability Management 

➤ Related pages
Attacks on Macros and ActiveX?
Crack Wifi Passwords
Hacking wifi password
Hacking Wifi Passwords
What is a Cracker?
What is a Null Session?
What is a Password Replay Attack?
What is a password?
What is Cyberwarfare?
What is Linux?
What is MD5 Encryption?
What is Novell NetWare?
What is Phrack?
What is Social Engineering?
Wi-Fi Auditor the Portable Penetrator
Wi-Fi Password Cracker
Wifi Decoder Recover
WPA hacking software

Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software

SecPoint is specialized to deliver the best IT security solutions and products.

Compatible with Product
Securely protected by SecPoint
Customer reference King Customer reference New York Customer reference ROC Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef Customer reference King Customer reference New York Customer reference Roc Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef