SMBv2 Signing Configuration Checker

This tool can be used to state message signing configuration of the SMB server.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4

Parent Category

SMBv2 Signing Configuration Checker Detail

Determines the message signing configuration in SMBv2 servers for all supported dialects.

The script sends a SMB2_COM_NEGOTIATE request for each SMB2/SMB3 dialect and parses the security mode field to determine the message signing configuration of the SMB server.

SMB signing allows the recipient of SMB packets to confirm their authenticity and helps prevent man in the middle attacks against SMB. SMB signing can be configured in one of three ways: disabled entirely (least secure), enabled, and required (most secure).

References:

https://msdn.microsoft.com/en-us/library/cc246561.aspx

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product