Detecting (CIFS) Server Capabilities

Posted on

I'm currently writing some system auditing tools. Part of those audit tools automated remediation of any issues found.

One of the things that our security folks want is to ensure that CIFS clients are making use of packet-signing for mounted CIFS shares. While I could set the script to add a "sec=ntlmv2i" option for all defined CIFS mounts, it would probably bad to do this blindly. Wouldn't want to change mount options if the CIFS server doesn't support packet-signing as it would break any defined CIFS mounts. Was hoping to add logic to the auto-remediation component that did a capabilities detection of the CIFS mounts' source(s), and only update the mount options if the capability is available on the server.

So, any recommendations on doing server capabilities testing?