SMB

Jan 1, 0001

Definition

Server Message Block (SMB) is a network protocol primarily used for providing shared access to files, printers, and serial ports between nodes on a network. It operates as an application-layer protocol and is commonly used in Windows environments for file and printer sharing. SMB can be vulnerable to various security issues if not properly configured, such as man-in-the-middle attacks and unauthorized access.

Secure Settings Example

# Disable SMBv1 to mitigate security vulnerabilities
Set-SmbServerConfiguration -EnableSMB1Protocol $false

# Enable SMB encryption to protect data in transit
Set-SmbServerConfiguration -EncryptData $true

# Configure SMB signing to prevent man-in-the-middle attacks
Set-SmbServerConfiguration -RequireSecuritySignature $true

Insecure Settings Example

# Enabling SMBv1, which is outdated and vulnerable to attacks
Set-SmbServerConfiguration -EnableSMB1Protocol $true

# Disabling SMB signing, which increases risk of man-in-the-middle attacks
Set-SmbServerConfiguration -RequireSecuritySignature $false

SMB

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter