diff --git a/CHANGELOG b/CHANGELOG
index ee95c3524..e43961e62 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#1254] Handle an error condition in smb-vuln-ms17-010 caused by IPS
+  closing the connection. [Clément Notin]
+
 o [NSE] https-redirect detects HTTP servers that redirect to the same port, but
   with HTTPS. Some nginx servers do this, which made ssl-* scripts not run
   properly. [Daniel Miller]
diff --git a/scripts/smb-vuln-ms17-010.nse b/scripts/smb-vuln-ms17-010.nse
index 26725da7f..e9fb006ae 100644
--- a/scripts/smb-vuln-ms17-010.nse
+++ b/scripts/smb-vuln-ms17-010.nse
@@ -129,6 +129,12 @@ local function check_ms17010(host, port, sharename)
     end
 
     local result, smb_header, _, _ = smb.smb_read(smbstate)
+    if not result then
+      stdnse.debug1("Error reading SMB response: %s", smb_header)
+      -- error can happen if an (H)IPS resets the connection
+      return false, smb_header
+    end
+
     local _ , smb_cmd, err = string.unpack("<c4 B I4", smb_header)
     if smb_cmd == 37 then -- SMB command for Trans is 0x25
       stdnse.debug1("Valid SMB_COM_TRANSACTION response received")