A recent network scan has identified this potential vulnerability. I realise that it may not be an actual vulnerability (which would depend on access lists), but the fact is that this is an e-commerce server and we are required to get a "clean" network scan so this "problem" must be fixed.
The machine is standalone SBS 2003 SP2 running IIS 6 without SQL server or exchange. Basically it is just a webserver.
This problem did not exist on our last scan 3 months ago and there have been no configuration changes that I am aware of. Also, I have checked this
In particular, the RestrictAnonymous registry setting is already set to 2 here
I have also verified that the dsHeuristics attribute is not defined on the DN path as follows:
CN=Directory Service,CN=Windows NT,CN=Services,CN=Configur
domain in forest
Any help or advice would be much appreciated.