How to enable SMB signing, syn-ack on windows 2008 domain controller

Dear Support team,


Please advice, how we can implement below mentioned on windows 2008 domain controller



How to enable

SMB Weaknesses
The SMB signing is disabled on the target systems.
::::____

How we can set syn-ack

SYN-ACK retransmissions time limit has not been set;
'Turn off Untrusted Content' is not enabled;
::::::::
How to and which to services need to be stop

Active Processes
Multiple active processes are running on the system in-scope as listed in Appendix 2.



Defaults
Enabled by default on DC's, Disabled on Member Servers

Administrative Tools|Local Security Policy.
Local Policies | Security Options | Microsoft Network Server
Digitally sign communications (always) properties set to enabled

you can also use group policy (the drawback is a 15% network overhead)



Defaults
Enabled by default on DC's, Disabled on Member Servers

Administrative Tools|Local Security Policy.
Local Policies | Security Options | Microsoft Network Server
Digitally sign communications (always) properties set to enabled

you can also use group policy (the drawback is a 15% network overhead)



Thanks for your response, but in my DC it is disable. If I enable SMB is there will be any issues and can I enable on other servers like web server ERP server please advice

Thanks



signing of packets will incur about a 15% overhead, if you need this to comply with an audit then that is what you need to do.





Share this

Related Posts

There was an error in this gadget