07-17-2018 06:21 AM
Lenovo XClarity Administrator Version 2.0.0 has Samba Port 445 open with smb v1 protocol.
Someone know how to disable smb v1 on Lenovo XClarity Administrator 2.0.0
Here a nmap Scan for port 445 on XClarity VM Appliance
C:\Users\u011143\Downloads\nmap>nmap -sV --script smb-protocols -p 445 10.10.1.199 Starting Nmap 7.60 ( https://nmap.org ) at 2018-07-16 14:41 Mitteleuropõische Sommerzeit Nmap scan report for pu-xclarity.der.de (10.10.1.199) Host is up (0.00088s latency). PORT STATE SERVICE VERSION 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) Host script results: | smb-protocols: | dialects: |_ NT LM 0.12 (SMBv1) [dangerous, but default] Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 7.77 seconds C:\Users\u011143\Downloads\nmap>
We need this for PCI Audit.
Solved! Go to Solution.
07-17-2018 06:41 AM
LXCA uses SAMBA for the Operating System Deploy function. If you wish to deploy OS to servers, this is required. The SAMBA share is READ ONLY, but many security scanners still consider this a vulnerability, simply because the SAMBA port is open.
If you want to disable SAMBA, you must disable OS deploy. You can find instructions for doing that here:
You must configure the network interface so that it does NOT include "deploy operating system images":
Modify the network interface to be used for operating-system deployment if you intend to deploy operating-systems from Lenovo XClarity Administrator.
If only one interface is defined for Lenovo XClarity Administrator (Eth0), choose whether that interface is to be used to discover and manage hardware only, or whether it is also to be used to deploy operating-system images.
If two interfaces are defined for Lenovo XClarity Administrator (Eth0 and Eth1), determine which interface is to be used to deploy operating-system images. If you choose "None", you cannot deploy operating-system images to managed servers from Lenovo XClarity Administrator.
07-17-2018 07:43 AM - edited 07-17-2018 07:55 AM
Thank you for fast feedback.
Your solution work super.
C:\Users\u011143\Downloads\nmap>nmap -sV --script smb-protocols -p 445 10.10.1.199 Starting Nmap 7.60 ( https://nmap.org ) at 2018-07-17 16:48 Mitteleuropõische SommerzeitNmap scan report for pu-xclarity.der.de (10.10.1.199) Host is up (0.0010s latency). PORT STATE SERVICE VERSION 445/tcp closed microsoft-ds Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 1.68 seconds C:\Users\u011143\Downloads\nmap>
Port is complete closed. That is exactly what we need.