Business Publications

Topic: RSS Feed

MS02-070: flaw in server message block signing could enable group policy to be modified. (Microsoft).(Brief Article)

Information Systems Auditor, February, 2003

Issue

Server Message Block (SMB) is a protocol natively supported by all versions of Windows. Although nominally a file-sharing protocol, it is used for other purposes as well, the most important of which is disseminating group policy information from domain controllers to newly logged on systems.

Beginning with Windows 2000, it is possible to improve the integrity of SMB sessions by digitally signing all packets in a session. Windows 2000 and Windows XP can be configured to always sign, never sign, or sign only if the other party requires it.

A flaw in the implementation of SMB Signing in Windows 2000 and Windows XP could enable attackers to silently downgrade the SMB Signing settings on an affected system. To do this, attackers would need...

Read the rest of this article with a Free Trial at HighBeam Research.
Premium Content Partnership | HighBeam Research provides an in-depth online archive library of reference works. HighBeam Research

 

BNET TalkbackShare your ideas and expertise on this topic

Please add your comment:
  1. You are currently: a Guest |
  4.  

Basic HTML tags that work in comments are: bold (<b></b>), italic (<i></i>), underline (<u></u>), and hyperlink (<a href></a)

advertisement
advertisement
  • Click Here
  • Click Here
  • Click Here
advertisement