HP CIFS Server 3.0a Administrator's Guide version A.02.01
Securing HP CIFS Server
Security Protection Methods
Chapter 12 227
For example, you can configure an IPC$ share as follows:
[ipc$]
hosts allow = 192.168.115.0/24 127.0.0.1
hosts deny = 0.0.0.0/0
This configuration tells the HP CIFS Server that it cannot accept IPC$
connections from anywhere but the two places listed: a local host and a
local subnet. Because the IPC$ share is the only share that is always
accessible anonymously, this provides some level of protection against
attackers that do not know a valid user name and password for your
host.
If you use this method, clients outside the allowed hosts receive an
access denied reply when they try to access the IPC$ share. Those
clients cannot browse shares and might also be unable to access some
other resources.
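The following Python sketch is an added example, not part of the HP guide. It parses the [ipc$] section shown above and reports which client addresses would be accepted, using a simplified model of hosts allow and hosts deny: the allow list wins on conflict, and only plain IP addresses and CIDR networks are handled. The function names and sample client addresses are constructed for illustration.

```python
import configparser
import ipaddress

# Constructed sample input: the [ipc$] section from the text above.
SMB_CONF = """
[global]
workgroup = EXAMPLE

[ipc$]
hosts allow = 192.168.115.0/24 127.0.0.1
hosts deny = 0.0.0.0/0
"""

def load_host_lists(conf_text, share="ipc$"):
    """Return (allow, deny) network lists for a share (hypothetical helper)."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",),
                                   strict=False)
    cp.read_string(conf_text)
    # smb.conf section names are case-insensitive; configparser's are not.
    section = next((s for s in cp.sections() if s.lower() == share.lower()), None)
    if section is None:
        return [], []

    def nets(key):
        raw = cp.get(section, key, fallback="").replace(",", " ")
        return [ipaddress.ip_network(tok, strict=False) for tok in raw.split()]

    return nets("hosts allow"), nets("hosts deny")

def is_allowed(client, allow, deny):
    """Simplified model: allow list wins on conflict, then the deny list applies."""
    addr = ipaddress.ip_address(client)
    if any(addr in net for net in allow):
        return True
    if any(addr in net for net in deny):
        return False
    # With only an allow list, unlisted hosts are refused; otherwise permitted.
    return not (allow and not deny)

if __name__ == "__main__":
    allow, deny = load_host_lists(SMB_CONF)
    # Constructed client addresses.
    for client in ("192.168.115.40", "127.0.0.1", "10.1.2.3", "192.168.116.1"):
        verdict = "allowed" if is_allowed(client, allow, deny) else "access denied"
        print(f"{client:16} {verdict}")
```

Host names, netgroups and the EXCEPT keyword are outside this model, so treat its output as a check of the address-based entries only.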
Protecting Sensitive Information
This section describes the security methods you can use to protect
sensitive information.
Encrypting Authentication
You must set the encrypt passwords parameter to yes in the smb.conf
file to ensure that passwords are encrypted when they are transmitted
across the network during authentication.
The HP CIFS Server accepts the LM, NTLM and NTLMv2 authentication
methods, depending on client settings. NTLMv2 is the most
secure. To use NTLMv2 authentication, you need to configure the
following client registry keys:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000003
The value of 0x00000003 means to send NTLMv2 responses only.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"NtlmMinClientSec"=dword:00080000
The value 0x00080000 means to permit only NTLMv2 session security. If
either the NtlmMinClientSec or NtlmMinServerSec option is set to
0x00080000, the connection fails if NTLMv2 session security is not
negotiated.