NetFort tips and tricks - US-CERT urges admins to firewall off Windows SMB

  • 1
  • Idea
  • Updated 3 years ago
Earlier today, a news article caught our attention, highlighting how a potential zero-day exploit in the SMB1 protocol was released by the "Shadow Brokers" hacking group.

A key takeout of the article is that “US-CERT says administrators should disable SMB1 and block all SMB traffic at network boundaries as a precaution.”

Read the article in full here: Kill it with fire: US-CERT urges admins to firewall off Windows SMB

This advice echoes prior notices advising Administrators to cease using SMB1 protocol on their networks (see our forum link below).

Why is this important to me?
The SMB1 protocol is used by older Windows Fileshare Servers and Clients and, if present on your network represents a potential vulnerability that you should eliminate.

What can I do about it?
Visit our forum to see how Netfort LANGuardian Fileshare Version reports can detect if SMB1 protocol is being used on your network. We suggest you migrate to SMB2 or SMB3 protocol (see here how to disable SMB1); a full list of Windows Server and Client versions are available here

As always, if you have any questions about any aspect of LANGuardian, please contact us on at any time.
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 393 Posts
  • 8 Reply Likes

Posted 3 years ago

  • 1

Be the first to post a reply!