Blog Post

Storage at Microsoft
1 MIN READ

Defending SMB Clients from Interception Attacks

NedPyle's avatar
NedPyle
Former Employee
Jun 29, 2020

Heya folks, Ned here again. I recently wrote a guest post on the IT Ops Talk blog about increasing security on your SMB clients. It's about defending against interception attacks (previously called "man-in-the-middle" attacks) and includes specific recommendations, steps, and best practices. 

 

How to Defend Users from Interception Attacks via SMB Client Defense

 

You should check it out. 

 

- Ned Pyle

Updated Nov 08, 2022
Version 3.0

2 Comments

  • NedPyle's avatar
    NedPyle
    Former Employee
    Aug 04, 2020

    Alban1999 Thank you! 

     

    Yes, we have fixed that issue in the next version of Windows Server and have a backport bug to fix WS2019 and perhaps WS2016.  

  • Alban1999's avatar
    Alban1999
    Iron Contributor
    Aug 03, 2020

    Hello Ned,

     

    Thanks for your work on helping people securing SMB shares. It's a crypto hell out there...

     

    Just so know, when using Best Practives Analyzer within Server Manager on Windows Server 2019, you get a warning if you disabled SMB v1.0 ("The SMB 1.0 file sharing protocol should be enabled"). Could you get in touch with the corresponding team so they can update this item ?

     

    Regards,