Hyland Connect

thiyagu · ‎08-30-2017

Hello All,

Nessus Scan Report found security Vulnerabilities, please find below report details.

=====================================

57608 (1) - SMB Signing Disabled

Synopsis

Signing is not required on the remote SMB server.

Description

Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct

man-in-the-middle attacks against the SMB server.

See Also

https://support.microsoft.com/en-us/kb/887429

http://technet.microsoft.com/en-us/library/cc731957.aspx

http://www.nessus.org/u?74b80723

http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html

http://www.nessus.org/u?a3cac4ea

Solution

Enforce message signing in the host's configuration. On Windows, this is found in the policy setting 'Microsoft network

server: Digitally sign communications (always)'. On Samba, the setting is called 'server signing'. See the 'see also'

links for further details.

=====================================

I could not find any alfresco documentation for configuring 'server signing' in Alfresco 5.2. Kindly help me out for this issue?

Kindly help me to fix this issue.

Regards

Thiyagu

resplin · ‎08-31-2017

Our CIFS implementation does not support SMB server signing. We recommend that you use WebDAV instead. See the section under "Current Efforts" on this page: ‌

Content Repository Roadmap 2017

View answer in original post

resplin · ‎08-31-2017

Our CIFS implementation does not support SMB server signing. We recommend that you use WebDAV instead. See the section under "Current Efforts" on this page: ‌

Content Repository Roadmap 2017

Hyland Connect

SMB Signing Disabled in Alfresco 5.2