Avatar of Jon Villareal
Jon VillarealFlag for United States of America

asked on 

SMB Signing issues

Hello Everyone, I am working with a bank that has monthly security scans, and one of the really big issues is SMB Signing.
"cifs-smb-signing-disabled
This system does not allow SMB signing. SMB signing allows the recipient of SMB packets to confirm their authenticity and
helps prevent man in the middle attacks against SMB. SMB signing can be configured in one of three ways: disabled entirely
(least secure), enabled, and required (most secure)."
I have made registry changes to the servers (Server 2008 and Server 2012) HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanServerParameters
EnableSecuritySignature = 1
RequireSecuritySignature = 1
And on the PC's (Windows 7 Pro and Windows 10 Pro)
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanWorkStationParameters
EnableSecuritySignature = 1
RequireSecuritySignature = 1
We are still getting the error each time the report runs. Is there something I maybe missing?

Thanks,

Jon
OS SecuritySecurity

Avatar of undefined
Last Comment
Jon Villareal
SOLUTION
Avatar of Adam Brown
Adam Brown
Flag of United States of America image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
SOLUTION
Avatar of Shaun Vermaak
Shaun Vermaak
Flag of Australia image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Avatar of Jon Villareal
Jon Villareal
Flag of United States of America image

ASKER

The reason I did not go with GPO, was that the scan report pointed to Microsoft tech links that all stated using registry. I will be pushing out GPO and see if that fixes the issue. Either way I cant see it causing any other issues.

Thank you
ASKER CERTIFIED SOLUTION
Avatar of btan
btan

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Avatar of Jon Villareal
Jon Villareal
Flag of United States of America image

ASKER

Setup using GPO in AD. Next test still shows SMB Signing issues. Contacted security company and is probably a false positive.
Security
Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo