Meet me on LinkedIn

SME - Azure, DevOps, Citrix and Windows stack.
Enthusiast Of Cyber Security.

Free Microsoft Courses

Access free Microsoft learning resources.

Free Certifications

Find and earn free certifications to boost your career.

SMB Signing not required

Posted Feb 2, 2020 Updated Apr 28, 2025

1 min read

you may have came across above statement specially when vulnerability scanning. nessus scanner identified above issue by the plugin ID 57608 as below

Severity: Medium.

ID: 57608

File Name: smb_signing_disabled.nasl

Version: 1.18

Type: remote

Family: Misc.

this issue occurred when SMB traffic or server is not signed so an unauthenticated remote attacker can exploit or launch a MIM or Man -in- Middle attack against the SMB server.

the vulnerability can be fixed by enforcing SMB signing from a Group policy for Clinet and server.

GPO Location : Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Fore more Details read below.

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always

Happy Fixing :)

Blogging, Srilankan_IT_industry, SriLanka

This post is licensed under CC BY 4.0 by the author.

Trending Tags