How can I stop SMB on Windows 7 null authenticating?

Question

This is a nasty question to be asking but we're really desperate. By which I mean we have about four hours to fix this or dire consequences will follow.

We have a PC for card processing in our office running Windows 7, it's intended to be secure in line with PCI Compliance. We've scanned it and it fails because the SMB service is allowing null session authentication. The guidance supplied with the scan points us to WINNT knowledgebase articles which are hopelessly out of date. We have altered settings in line with a couple of articles which relate to XP but the scan still fails.

Googling Windows 7 SMB PCI Fail returns nothing useful. Removing PCI returns the same results, removing Windows 7 brings an avalanche of stuff about older windows operating systems. There seems to be no simple way to configure the SMB service on the box.

It's a long shot, but does anyone know how I can stop SMB on Windows 7 null authenticating?

Answer 1

How about unbinding File and Printer sharing on the NIC, as well as unbinding Client for Microsoft Networks, disabling the Workstation and Server services and configuring the Windows Firewall to allow only inbound connections that are required for the card processing (if any).

Why secure SMB when you can disable it altogether? My guess is the computer doesn't need to access remote shares, provide local shares, doesn't need access to network resources, doesn't need to log on to the domain, and doesn't need to accept inbound connections except those required by the card processing, if any.

Answer 2

Although joeqwerty pretty much nails it some further info can be found here:

https://stackoverflow.com/questions/4267348/how-can-i-stop-smb-on-windows-7-null-authenticating

I'm only posting a link to that answer because I don't have enough rep to copy the full answer as it has two hyperlinks in it. Anyway, that's just a deeper investigation into the underlying mechanism of the problem.