cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion

SMBv1, yes that 30 year old Protocol is broken!

Another call to arms by Microsoft for Exchange Admins to stop using SMBv1. The original SMB1 protocol is nearly 30 years old , and like much of the software made in the 80’s, it was designed for a world that no longer exists.

 

SMBv1 isn’t safe!

 

When you use SMB1, you lose key protections offered by later SMB protocol versions:

3 Replies
JKWiniger
Community Champion

See this is one of those things that makes me feel dumb! I sit her in disbelief going, well I have had all my stuff on SMBv3 for a long time, are there really people still using v1? Insert Big Bang meme here with Sheldon going "BUT WHY!!!" To me upgrading to newer things is just common sense as I get better security and functionality so why wouldn't I do it. On Ubuntu I found I could connect to my NAS easier with v3... for those who might not have done it, it your fstab just add vers=3.0 and make sure the other side is set to 3.0.. but I digress...

 

John-

 

Ps. If it's not broken, upgrade it!

diversivolent
Viewer II

Pretty much everyone who hasn't been living under a rock knows that SMBv1 is broken. The more valuable thinking is 2nd or 3rd order from "we need to turn off SMBv1".

Who in your organization is responsible for upgrading and why don't they have the time, resources, or knowledge to get the job done?

 

What directly competing interests are taking priority?

 

Is management aware of the risk and willing to accept it?

 

What aspects of your company's culture are preventing this from being fixed, or discouraging your sysadmins from caring about issues such as this one? Is management contributing to these culture issues?

 

These are much more interesting questions to ask rather than just pointing a finger and saying SMBv1 = bad!

denbesten
Community Champion

Muddying the waters, SMBv3 now has a disclosed vulnerability with no patch available. Still agree v2 and v1 ought to be disabled, following the theory that one should only run apps/services/hw/etc. that have not been end-of-life'd by the manufacturer.  It's just a harder sell for the next month or so until it becomes a good example of why we preach maintenance.