CVE-2016-2115 - SMB Signing
This document details a script designed to detect and remediate the CVE-2016-2115 vulnerability related to SMB signing. It includes sample runs, dependencies, variables used in the script, output details, and ticketing procedures for successful remediation.
Folder Redirection Audit
This solution audits folder redirection for the active user profiles on the computer.
Folder Redirection Audit [Script]
This document provides an overview of the Folder Redirection Audit, detailing the information displayed related to folder redirection on endpoints, including dependencies, columns, and their descriptions.
Folder Redirection Detection [DV]
This script performs the folder redirection audit for the redirected folders of all users of the Windows machines. The folders used for the audit are (Desktop, Documents, Downloads, My Picture, My Video, My Pictures, Local AppData, History, Cookies, Cache, AppData, Favorites, Fonts, CD Burning, Administrative Tools, NetHood, Personal, PrintHood, Programs, Recent, SendTo, Start Menu, StartUp, Templates).
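As an added example (not the Folder Redirection Detection script itself), the following PowerShell reads the User Shell Folders values of every profile whose hive is loaded under HKEY_USERS and flags any folder that does not resolve beneath that profile's own directory. The list of value names and the "redirected means outside the profile path" rule are assumptions for illustration; Downloads is keyed by its known-folder GUID because it has no friendly value name.

```powershell
# Added example: audit folder redirection per loaded user hive.
# Assumption: a folder is "redirected" when its registry value does not resolve
# to a path under that profile's ProfileImagePath.
$ShellFolderNames = @(
    'Desktop', 'Personal', 'My Pictures', 'My Video', 'My Music', 'Local AppData',
    'AppData', 'History', 'Cookies', 'Cache', 'Favorites', 'Fonts', 'CD Burning',
    'Administrative Tools', 'NetHood', 'PrintHood', 'Programs', 'Recent', 'SendTo',
    'Start Menu', 'Startup', 'Templates',
    '{374DE290-123F-4565-9164-39C4925E467B}'   # Downloads (FOLDERID_Downloads)
)

function Get-FolderRedirectionAudit {
    $profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
    foreach ($profile in Get-ChildItem -Path $profileList) {
        $sid = $profile.PSChildName
        # Only real user SIDs; skip LocalSystem, LocalService and NetworkService
        if ($sid -notmatch '^S-1-5-21-') { continue }
        $profilePath = (Get-ItemProperty -Path $profile.PSPath).ProfileImagePath

        $hivePath = "Registry::HKEY_USERS\$sid\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
        # The hive is only present while the user is logged on (or loaded with reg.exe load)
        if (-not (Test-Path -Path $hivePath)) { continue }

        $key = Get-Item -Path $hivePath
        try {
            foreach ($name in $ShellFolderNames) {
                # DoNotExpandEnvironmentNames keeps the literal %USERPROFILE% so it can be
                # expanded against *this* profile rather than the account running the audit
                $raw = [string]$key.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
                if ([string]::IsNullOrWhiteSpace($raw)) { continue }

                $expanded = [System.Environment]::ExpandEnvironmentVariables(
                    $raw.Replace('%USERPROFILE%', $profilePath))
                $redirected = -not $expanded.StartsWith(
                    $profilePath, [System.StringComparison]::OrdinalIgnoreCase)

                [pscustomobject]@{
                    SID        = $sid
                    Profile    = Split-Path -Path $profilePath -Leaf
                    Folder     = $name
                    Target     = $expanded
                    Redirected = $redirected
                }
            }
        } finally {
            $key.Close()
        }
    }
}

# Usage: list redirected folders first, one row per profile and folder
Get-FolderRedirectionAudit | Sort-Object -Property Redirected, Profile, Folder -Descending |
    Format-Table -AutoSize
```

Profiles that are not logged on have no hive under HKEY_USERS and are skipped; to cover them, load each NTUSER.DAT with `reg.exe load` before running and unload it afterwards, making sure no handles to the key remain open or the unload will fail.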
pvl_folder_redirection_audit
This table is built to store the folder redirection state of the computers' users as obtained from the script.
SMB1 Access Audit
This solution monitors servers for SMB1 protocol usage. It enables SMB1 access auditing (if disabled), scans event logs for recent SMB1 access attempts (Event IDs 1001, 3000) within the past hour, and triggers an alert through a compound condition if SMB1 is enabled and any access attempts are detected.
SMB1 Access Audit And Detection
Enables SMB1 access auditing if disabled and scans event logs for recent SMB1 access attempts (Event IDs 1001, 3000) within the last hour. Returns exit codes for detection or script failure.
SMB1 Traffic Audit
This Compound Condition creates an alert on servers with the SMB1 protocol enabled when SMB1 access attempts (Event IDs 1001, 3000) are detected within the last hour.
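The following PowerShell is an added example, not the solution's own script, that carries out the sequence described above: enable SMB1 access auditing if it is off, query the Microsoft-Windows-SMBServer/Audit log for Event IDs 1001 and 3000 in the last hour, and evaluate the compound condition (SMB1 enabled and access seen). The exit code values (0 none, 1 detected, 2 failure) and the `Client Address:` message parsing are assumptions for illustration.

```powershell
# Added example: SMB1 access audit and detection.
# Requires an elevated session on Windows Server 2016 / Windows 10 1511 or later,
# where Get/Set-SmbServerConfiguration expose AuditSmb1Access.
function Test-Smb1Access {
    param([int]$LookbackMinutes = 60)
    try {
        $cfg = Get-SmbServerConfiguration -ErrorAction Stop
        $auditWasEnabled = [bool]$cfg.AuditSmb1Access
        if (-not $auditWasEnabled) {
            # Auditing only records *future* sessions, so the first run after enabling
            # it will legitimately report zero events.
            Set-SmbServerConfiguration -AuditSmb1Access $true -Force -ErrorAction Stop
        }

        $since = (Get-Date).AddMinutes(-$LookbackMinutes)
        # Get-WinEvent raises a non-terminating "No events were found" error on an empty
        # result; SilentlyContinue turns that into an empty array instead of a failure.
        $events = @(Get-WinEvent -FilterHashtable @{
                LogName   = 'Microsoft-Windows-SMBServer/Audit'
                Id        = 1001, 3000
                StartTime = $since
            } -ErrorAction SilentlyContinue)

        # Event 3000 carries "Client Address: <ip>" in its message; anything that does
        # not match is reported as unknown rather than guessed.
        $clients = foreach ($e in $events) {
            if ($e.Message -match 'Client Address:\s*(\S+)') { $Matches[1] } else { 'unknown' }
        }

        $smb1Enabled = [bool]$cfg.EnableSMB1Protocol
        $exitCode = if ($events.Count -gt 0) { 1 } else { 0 }   # assumed code scheme

        [pscustomobject]@{
            Smb1Enabled     = $smb1Enabled
            AuditWasEnabled = $auditWasEnabled
            AccessEvents    = $events.Count
            Clients         = @($clients | Sort-Object -Unique)
            # Mirrors the compound condition: alert only when SMB1 is still on AND in use
            Alert           = ($smb1Enabled -and $events.Count -gt 0)
            ExitCode        = $exitCode
        }
    } catch {
        Write-Error "SMB1 audit failed: $($_.Exception.Message)"
        [pscustomobject]@{
            Smb1Enabled = $null; AuditWasEnabled = $null; AccessEvents = 0
            Clients = @(); Alert = $false; ExitCode = 2
        }
    }
}

# Usage: print the summary, then surface the result to the RMM via the exit code
$result = Test-Smb1Access -LookbackMinutes 60
$result | Format-List
exit $result.ExitCode
```

Because enabling auditing cannot recover sessions that occurred before it was on, treat a zero count on the first run as inconclusive and schedule the script to run again after at least one full lookback window.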
SMBv1 Enable Detection Ticketing - Per Client
This document outlines a client script that generates a ticket for each client based on the count of computers requiring remediation for the SMBv1 enable status. It includes sample runs, dependencies, variable descriptions, and ticketing format.