Sunday, February 2, 2020

SMB Signing not required


You may come across the above statement, especially during vulnerability scanning. The Nessus scanner identifies this issue with plugin ID 57608, as shown below.





Severity: Medium.





ID: 57608





File Name: smb_signing_disabled.nasl





Version: 1.18





Type: remote





Family: Misc.





This issue occurs when SMB traffic or the server is not signed, so an unauthenticated remote attacker can exploit this to launch a man-in-the-middle (MITM) attack against the SMB server.





The vulnerability can be fixed by enforcing SMB signing through Group Policy for both client and server.





GPO Location : Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
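To confirm on a host whether signing is actually required after the policy is applied, the following added example (not part of the original post) reads the effective SMB server and client configuration and, only when asked, sets it locally. The function name `Get-SmbSigningState` and the `-Enforce` switch are names chosen for this example; it assumes Windows 8 / Server 2012 or later and an elevated session.

```powershell
# Added example: audit, and optionally enforce, "Digitally sign communications (always)"
# for the local SMB server and client. Save as a .ps1 file and run elevated.
param(
    [switch]$Enforce   # example switch: without it the script only reports
)

function Get-SmbSigningState {
    # RequireSecuritySignature is the setting behind "Digitally sign communications (always)".
    $server = Get-SmbServerConfiguration
    $client = Get-SmbClientConfiguration
    [pscustomobject]@{ Role = 'Server'; SigningRequired = [bool]$server.RequireSecuritySignature }
    [pscustomobject]@{ Role = 'Client'; SigningRequired = [bool]$client.RequireSecuritySignature }
}

$state = Get-SmbSigningState
$state | Format-Table -AutoSize

# Roles that would still be flagged because signing is not required.
$weak = $state | Where-Object { -not $_.SigningRequired }
if (-not $weak) {
    Write-Output 'SMB signing is required for both server and client.'
    return
}

if (-not $Enforce) {
    Write-Warning ('Signing not required for: ' + ($weak.Role -join ', ') + '. Re-run with -Enforce to fix.')
    return
}

foreach ($role in $weak.Role) {
    if ($role -eq 'Server') { Set-SmbServerConfiguration -RequireSecuritySignature $true -Force }
    if ($role -eq 'Client') { Set-SmbClientConfiguration -RequireSecuritySignature $true -Force }
}

# Re-read the configuration to confirm the change took effect.
Get-SmbSigningState | Format-Table -AutoSize
```

On domain-joined machines a Group Policy that configures these settings is reapplied at every policy refresh, so make the change in the GPO and use the script to verify the result.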









For more details, read below.





https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always





https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always





Happy Fixing :)

