- Man-in-the-middle attack: The Intruder setup a network sniffer and intercept the traffic sent when a user copies a file from one computer to another. To keep the Intruder from being able to convert the intercepted traffic to a file again, one uses Mutual Authentication.
- Active Message attack: The Intruder replays intercepted traffic. To keep the Intruder from replaying the deletion of directory or similar, one uses Message Authentication.
Note when having SMB signing enabled, then it will also add extra security when sending username and password over the network for authentication. Therefore if turning off SMB signing then one should especially consider enforcing a higher password encryption level.
Related Configure SMB signing in Win9x
Related Configure SMB signing in WinNT+