SMB Signing Required

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

Signing is not required on the remote SMB server.

Description :

Signing is not required on the remote SMB server. This can allow
man-in-the-middle attacks against the SMB server.

See also :

http://support.microsoft.com/kb/887429
http://technet.microsoft.com/en-us/library/cc731957.aspx
http://www.nessus.org/u?74b80723
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html
http://www.nessus.org/u?a3cac4ea

Solution :

Enforce message signing in the host's configuration. On Windows,
this is found in the policy setting 'Microsoft network server:
Digitally sign communications (always)'. On Samba, the setting is
called 'server signing'. See the 'see also' links for further details.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)

Family: Misc.

Nessus Plugin ID: 57608 ()

Bugtraq ID:

CVE ID: