WannaCry, SMB v1, . , Microsoft SMB 2016 . , : , SMB Sonos.
« » SMB , .
SMB (Server Message Block) – . \servername\sharename. NetBIOS, UDP 137, 138 TCP 137, 139. Windows 2000 , TCP 445. SMB Active Directory .
« » – named pipes. \.\pipe\name.
, CIFS (Common Internet File System), 1980- , Windows Vista, 2006. Windows 8. Microsoft Samba.
, , . . , , WannaCry.
SMB. | | , |
| SMB 2.0 | Windows Vista/2008 | 100+ 19 |
| | «» – |
| | |
| | HMAC SHA256 MD5 |
| | \ |
| SMB 2.1 | Windows 7/2008R2 | |
| | MTU |
| | BranchCache – , |
| SMB 3.0 | Windows 8/2012 | |
| | (RDMA) |
| | Powershell |
| | VSS |
| | AES–CMAC |
| | AES–CCM |
| | HyperV |
| | Microsoft SQL |
| SMB 3.02 | Windows 8.1/2012R2 | |
| | |
| SMB 3.1.1 | Windows 10/2016 | AES–GCM |
| | SHA512 |
| | «» SMB 2.x |
, Get–SmbConnection:
Windows.
, , , . , , – . Windows Set–SmbServerConfiguration, :
Get–SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol
SMBv1 Windows 2012 R2.
Windows 2003.
, , . Windows XP 2003 SMB v1 ( NAS GNU\Linux, samba).
, SMB v1. | | |
| Barracuda | SSL VPN | |
| Web Security Gateway backups | |
| Canon | | |
| Cisco | WSA/WSAv | |
| WAAS | 5.0 |
| F5 | RDP client gateway | |
| Microsoft Exchange Proxy | |
| Forcepoint (Raytheon) | « » | |
| HPE | ArcSight Legacy Unified Connector | |
| IBM | NetServer | V7R2 |
| QRadar Vulnerability Manager | 7.2.x |
| Lexmark | , | Firmware eSF 2.x eSF 3.x |
| Linux Kernel | CIFS | 2.5.42 3.5.x |
| McAfee | Web Gateway | |
| Microsoft | Windows | XP/2003 |
| MYOB | Accountants | |
| NetApp | ONTAP | 9.1 |
| NetGear | ReadyNAS | |
| Oracle | Solaris | 11.3 |
| Pulse Secure | PCS | 8.1R9/8.2R4 |
| PPS | 5.1R9/5.3R4 |
| QNAP | | 4.1 |
| RedHat | RHEL | 7.2 |
| Ricoh | , | |
| RSA | Authentication Manager Server | |
| Samba | Samba | 3.5 |
| Sonos | | |
| Sophos | Sophos UTM | |
| Sophos XG firewall | |
| Sophos Web Appliance | |
| SUSE | SLES | 11 |
| Synology | Diskstation Manager | |
| Thomson Reuters | CS Professional Suite | |
| Tintri | Tintri OS, Tintri Global Center | |
| VMware | Vcenter | |
| ESXi | 6.0 |
| Worldox | GX3 DMS | |
| Xerox | , | ConnectKey Firmware |
Microsoft, .
, , – SMB v1 .
-
, SMB v1 , , , . SMB Windows 8/2012 Powershell, Windows 7/2008 . Powershell:
Set–ItemProperty –Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 –Type DWORD –Value 0 –Force
. .
SMB v1 lanmanworkstation. :
sc.exe config lanmanworkstation depend=bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start=disabled
, Group Policy Preferences. .
.
, :
SMB v1 .
SMB v1 .
SMB v1:
.
LanmanWorkstation, SMB v1:
.
. SMB v1 .
–
, – . , .
, SMB ? ?