Contents
【Nessus】SMB Signing not required
<!–more–>
漏洞细节
SMB Signing not required
https://www.tenable.com/plugins/nessus/57608
修复方案
以 Windows Server 2008 R2 为例
1 备份注册表 (选择 计算机/Computer 这个根目录 导出)
2 运行注册表编辑器 (regedt.msc/Regedt32.exe)
3 选择 HKEY_LOCAL_MACHINE 之后再选择 System\CurrentControlSet\Services\LanManServer\Paramete 等
4 在此配置项中添加 以下内容
Value Name: EnableSecuritySignature
Data Type: REG_DWORD
Data: 0 (disable), 1 (enable)
NOTE: The default is 0 (disable)
Name: RequireSecuritySignature
Type: REG_DWORD
Value: 0 (disable), 1 (enable)
NOTE: The default is 0 (disable)
之后保存,重启主机即可。
参考资料
How to back up and restore the registry in Windows
https://support.microsoft.com/en-hk/help/322756/how-to-back-up-and-restore-the-registry-in-windows
How to enable SMB signing in Windows NT
https://support.microsoft.com/en-hk/help/161372/how-to-enable-smb-signing-in-windows-nt
Leave a Reply