[Info-vax] SAMBA and Ransomware
Arne Vajhøj
arne at vajhoej.dk
Sun Jul 16 16:30:36 EDT 2017
On 7/16/2017 3:26 PM, Scott Dorsey wrote:
> Stephen Hoffman <seaohveh at hoffmanlabs.invalid> wrote:
>> Ned Pyle of the Microsoft SMB team has repeatedly stated that running
>> SMB 1 is very bad, and needs to stop. Here's a longer write-up on that
>> topic:
>>
>> https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/
>>
>> Samba 3.6 and later support SMB 2 (from 2011) and Samba 4.3 added SMB
>> 3.1.1 (2015). The OpenVMS CIFS port is based on 3.0.28a. So...
>> there's no way around using SMB 1 with the current Samba port.
>
> This is true and unfortunate.
>
> Some of the issue here is that the SMB protocol really wasn't designed for
> security, and Microsoft over the years has tacked more and more stuff on it
> to improve security and availability. We can expect that they will continue
> to do this in the future.
>
> This means that SMB is a moving target, and any attempt at supporting SMB
> is going to require constant attention and a lot of updating. There is no
> way around that, I fear.

Like web browsers, web servers, browser plugins, JavaScript engines,
SSL libraries, application servers, CMSes, mail servers and
a ton of other stuff.

Arne