漏洞扫描显示 SMB1 在被禁用后已启用

tag-icon tag-icon windows server-message-block
漏洞扫描显示 SMB1 在被禁用后已启用

我有两台主机,均为 Windows Server 2012 R2 Standard,初始设置相同。已server1 SMB1按如下所述禁用 ,但我没有触碰server2

https://support.microsoft.com/en-us/help/2696547/how-to-detect-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and

现在,漏洞扫描的结果(Rapid7 Nexpose)如下所示:

>     +---------+------+------+--------------------+
>     | host    | prot | port | smb                |
>     +---------+------+------+--------------------+
>     | server1 | tcp  | 139  | smb1-enabled: true |
>     +---------+------+------+--------------------+
>     | server1 | tcp  | 445  | smb2-enabled: true |
>     +---------+------+------+--------------------+
>     | server2 | tcp  | 139  | smb1-enabled: true |
>     +---------+------+------+--------------------+
>     | server2 | tcp  | 445  | smb1-enabled: true |
>     |         |      |      | smb2-enabled: true |
>     +---------+------+------+--------------------+

我需要明白为什么smb1看起来是enabled这样port 139 server1

相关内容