Translated message

A translation of this page exists in English.

SMB Signing not required 安全漏洞

Solution In Progress - Updated -

Issue

如何解决第三方安全扫描程序报告的 SMB Signing not required 安全漏洞?

  • 已安装并启用 Samba 文件共享服务器。

  • 第三方安全扫描程序报告 SMB Signing not required 安全漏洞。

  • nmap 报告 Message signing disabledMessage signing enabled but not required:

    # nmap --script smb-security-mode.nse -p445 127.0.0.1

PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb-security-mode: 
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)

    # nmap --script smb2-security-mode.nse -p445 127.0.0.1

PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb2-security-mode: 
|   3.11: 
|_    Message signing enabled but not required

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • samba

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content