× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



We've contracted with IBM to perform some threat analysis of our network.
We get these qualsys reports of our vulnerabilities. They were analyzing
our domino based quickr server running on i.
One vulnerability is SMB Signing Disabled or SMB Signing Not Required

Is this something we should be concerned about? Why? What should we do
about it?

Details of threat below:

Level 2 SMB Signing Disabled or SMB Signing Not Required
QID: 90043
Category: Windows
CVE ID: -
Vendor Reference: -
Bugtraq ID: -
Service Modified: 01/20/2010
User Modified: -
Edited: No
THREAT:
This host does not seem to be using SMB (Server Message Block) signing.
SMB signing is a security mechanism in the SMB protocol and is also
known as security signatures. SMB signing is designed to help improve the
security of the SMB protocol.
SMB signing adds security to a network using NetBIOS, avoiding
man-in-the-middle attacks.
When SMB signing is enabled on both the client and server SMB sessions are
authenticated between the machines on a packet by packet basis.
IMPACT:
Unauthorized users sniffing the network could catch many
challenge/response exchanges and replay the whole thing to grab particular
session keys,
and then authenticate on the Domain Controller.
SOLUTION:
Without SMB signing, a device could intercept SMB network packets from an
originating computer, alter their contents, and broadcast them to the
destination computer. Since, digitally signing the packets enables the
recipient of the packets to confirm their point of origination and their
authenticity, it is recommended that SMB signing is enabled and required.
Please refer to Microsoft's article 887429 (
http://support.microsoft.com/?kbid=887429) for information on enabling SMB
signing.
COMPLIANCE:
Not Applicable
EXPLOITABILITY:
There is no exploitability information for this vulnerability.
ASSOCIATED MALWARE:
There is no malware information for this vulnerability.
RESULTS:
No results available

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.