Does this mean these servers are infected by the Wannacry SMBv1

  • 1
  • Question
  • Updated 1 week ago
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 393 Posts
  • 8 Reply Likes

Posted 2 years ago

  • 1
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 393 Posts
  • 8 Reply Likes

No, not infected with anything. What it is telling you is that the servers are communicating using the SMBv1 protocol. This protocol was the one used by Wannacry to spread around networks where patch MS17-010 was not deployed.

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

The advice would be to switch off SMBv1 or at the very least make sure this patch is applied.

Photo of Andy Hose

Andy Hose

  • 0 Posts
  • 0 Reply Likes
The writers of ransomware instill terror and fright into their wounded, producing them to click on a link or pay a deal, and user’s schemes can become ill with extra malware.