RHEL-06-000273 - The system must use SMB client signing for connecting to samba servers using mount.cifs.

Information

Packet signing can prevent man-in-the-middle attacks which modify SMB packets in transit.

Solution

Require packet signing for clients that mount Samba shares using the 'mount.cifs' program (e.g., those that specify shares in '/etc/fstab'). To do so, ensure that a signing option (either 'sec=krb5i' or 'sec=ntlmv2i') is used.

See the 'mount.cifs(8)' man page for more information. A Samba client should only communicate with servers that can support SMB packet signing.
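
One way to audit this setting, as an added example that is not part of the STIG or of the audit plugin: the script lists cifs entries in an fstab-format file whose options do not include 'sec=krb5i' or 'sec=ntlmv2i'. The function names, host names and paths in the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the STIG): audit an fstab-format file for cifs
# mounts that do not request SMB signing via sec=krb5i or sec=ntlmv2i.

# unsigned_cifs_mounts FILE  (hypothetical helper name)
# Prints "device mountpoint options" for every non-compliant cifs entry.
unsigned_cifs_mounts() {
    awk '
        $1 ~ /^#/ || NF < 4 { next }     # skip comments, blank and short lines
        $3 != "cifs"        { next }     # only cifs filesystems matter here
        {
            signed = 0; other = 0
            n = split($4, opt, ",")      # field 4 is the mount option list
            for (i = 1; i <= n; i++) {
                if (opt[i] !~ /^sec=/) continue
                if (opt[i] == "sec=krb5i" || opt[i] == "sec=ntlmv2i") signed = 1
                else other = 1           # e.g. sec=ntlmv2 (no signing)
            }
            # Conservative: a conflicting second sec= value also fails.
            if (!signed || other) print $1, $2, $4
        }
    ' "$1"
}

# Constructed sample input; hosts and paths are placeholders.
sample_fstab() {
    cat <<'EOF'
/dev/sda1                 /           ext4  defaults                                1 1
//fs01.example.com/share  /mnt/share  cifs  credentials=/etc/cifs.cred,sec=ntlmv2i  0 0
//fs02.example.com/data   /mnt/data   cifs  credentials=/etc/cifs.cred,sec=ntlmv2   0 0
//fs03.example.com/home   /mnt/home   cifs  sec=krb5i,multiuser                     0 0
//fs04.example.com/pub    /mnt/pub    cifs  guest,ro                                0 0
# //old.example.com/x     /mnt/x      cifs  guest                                   0 0
EOF
}

# Demo run against the sample; on a real host pass /etc/fstab instead.
tmp=$(mktemp)
sample_fstab > "$tmp"
unsigned_cifs_mounts "$tmp"
rm -f "$tmp"
```

An empty result means every cifs entry in the file requests signing. Shares mounted by hand with 'mount.cifs' do not appear in '/etc/fstab' and are not covered by this check.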

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_6_V2R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|III, CCI|CCI-000366, Rule-ID|SV-218025r603264_rule, STIG-ID|RHEL-06-000273, STIG-Legacy|SV-50458, STIG-Legacy|V-38657, Vuln-ID|V-218025

Plugin: Unix

Control ID: 88f8468800cfaeb6449df4aaa8e7e667ce22c1cd7f93d16ff1464f82e63a7c32