
SMB Signature downgrade attack
12th Dec 2002 [SBWID-5870]
COMMAND

	SMB Signature downgrade attack

SYSTEMS AFFECTED

	 Microsoft Windows 2000 
	 Microsoft Windows XP 

PROBLEM

	From Microsoft Security Bulletin MS02-070:
	
	http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-070.asp
	
	
	"A flaw in the implementation of SMB Signing in Windows 2000 and
	Windows XP could enable an attacker to silently downgrade the SMB
	Signing settings on an affected system. To do this, the attacker would
	need access to the session negotiation data as it was exchanged between
	a client and server, and would need to modify the data in a way that
	exploits the flaw. This would cause either or both systems to send
	unsigned data regardless of the signing policy the administrator had
	set."
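
Added example (not from the bulletin or this page): a Python check that compares the signing bits seen in captured SMB1 traffic with the administrator's policy, which is how a silent downgrade shows up on the wire. The header offsets, the SecurityMode bit 0x08 and the Flags2 bit 0x0004 are taken from the SMB1 message layout, not from this page; the function names and sample frames are constructed, and the check assumes the NT LM 0.12 dialect and frames captured after session setup completed.

```python
import struct

SMB1_MAGIC = b"\xffSMB"
CMD_NEGOTIATE, FLAGS_REPLY = 0x72, 0x80
FLAGS2_SIGNED = 0x0004     # header Flags2: message carries a security signature
SEC_SIG_REQUIRED = 0x08    # negotiate SecurityMode: signatures required

def parse_header(msg):
    """Return (command, flags, flags2, signature) from a 32-byte SMB1 header."""
    if len(msg) < 32 or msg[:4] != SMB1_MAGIC:
        raise ValueError("not an SMB1 message")
    command, _status, flags, flags2 = struct.unpack_from("<BIBH", msg, 4)
    return command, flags, flags2, msg[14:22]

def audit_session(frames, policy_requires_signing):
    """Compare what was negotiated and sent with the administrator's policy."""
    findings, negotiated = [], False
    for i, msg in enumerate(frames):
        command, flags, flags2, signature = parse_header(msg)
        if command == CMD_NEGOTIATE and flags & FLAGS_REPLY:
            if len(msg) < 36 or msg[32] != 17:   # WordCount 17 = NT LM 0.12
                raise ValueError("unexpected negotiate response layout")
            negotiated = True
            if policy_requires_signing and not msg[35] & SEC_SIG_REQUIRED:
                findings.append((i, "negotiate response does not require signing"))
        elif negotiated and policy_requires_signing:
            # Assumption: these frames were captured after session setup completed.
            if not flags2 & FLAGS2_SIGNED or signature == bytes(8):
                findings.append((i, "unsigned message after negotiation"))
    return findings

def build(command, flags=0, flags2=0, signature=bytes(8), body=b"\x00\x00\x00"):
    """Construct a sample SMB1 message (test data only, not a capture)."""
    header = SMB1_MAGIC + struct.pack("<BIBH", command, 0, flags, flags2)
    return header + bytes(2) + signature + bytes(10) + body

def negotiate_response(security_mode):
    """Constructed NT LM 0.12 negotiate response with the given SecurityMode."""
    words = struct.pack("<HB", 0, security_mode) + bytes(31)
    return build(CMD_NEGOTIATE, FLAGS_REPLY, body=bytes([17]) + words + bytes(2))

# Constructed sessions: SecurityMode 0x0F requires signing, 0x03 has both bits cleared.
EXPECTED = [negotiate_response(0x0F), build(0x2E, FLAGS_REPLY, FLAGS2_SIGNED, b"\x11" * 8)]
DOWNGRADED = [negotiate_response(0x03), build(0x2E, FLAGS_REPLY, 0, bytes(8))]

if __name__ == "__main__":
    for name, frames in (("expected", EXPECTED), ("downgraded", DOWNGRADED)):
        print(name, audit_session(frames, policy_requires_signing=True))
```

A finding only means the traffic disagrees with the stated policy; a misconfigured host produces the same result, so confirm the configured signing settings on both ends before treating it as tampering.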

SOLUTION

	See http://www.microsoft.com/security/security_bulletins/ms02-070.asp
