Why is SMB2 still disabled in our client by default?
Andrew Bartlett
abartlet at samba.org
Tue Mar 4 15:59:13 MST 2014
Just wondering, as it came up during the docs/param work:
Why do we only set 'client max protocol = NT1' by default?
What is required to move this up to SMB2/3?
The reason for my interest is that I still want to find a way to force
winbindd to require SMB signing for all authenticated connections, to
reduce our attack surface for future DCE/RPC bugs, and to validate that
the DC is really the one feeding us users and groups.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list