SMB Insecurely Configured Service vulnerability

Labels:
This vulnerability can be cause due to many services which uses SMB in some ways. There are many related articles which you will found and they will tell you which service has problem and what should be the fix.

Articles : Tenable, Nessus, Microsoft

When i worked on this security incident, i found that there are some policies which are wrongly configured in GPO which is applying on all laptops and workstations.

There are only 4 things which you have to check on all service settings which are coming from GPO or manually configured. Then you have to remove them from ACL of those services.

1. Authenticated Users
2. Domain Users
3. Users
4. Everyone







If service is disabled, then there is not need to check this on it. If it is enabled either in Automatic Mode or Manual Mode, it is important to check.

Posted by at Friday, September 01, 2017

1 comments:

  1. Avishek Priyadarshi11 January 2018 at 15:46

    I really appreciate the information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in #IBM #QRadar, kindly Contact MaxMunus
    MaxMunus Offer World Class Virtual Instructor-led training on #IBM #QRadar. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 1,00,000 + training in India, USA, UK, Australia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain, and UAE etc.
    Avishek Priyadarshi
    MaxMunus
    E-mail: avishek@maxmunus.com
    Skype id: avishek_2.
    Ph:(0) 8553177744 / 080 - 41103383
    www.MaxMunus.com

    ReplyDelete

Subscribe to: Post Comments (Atom)