First published on TECHNET on Dec 20, 2018 Hello All,
Recently I performed a RaaS with a customer and it provided a new recommendation that I thought would be great to pass along to you.
Disable SMB1 on your server.
This is an amazing suggestion as we have other versions of the protocol to do the work for you and due to the mess caused by the Wannacrypt ransomware it has become obvious that we should clean up these older protocols. And if you can’t remember SMB or Server Message Block is a network file sharing protocol meant for sharing files, printers, etc, between computers. There are three versions – Server Message Block (SMB) version 1 (SMBv1), SMB version 2 (SMBv2), and SMB version 3 (SMBv3).
Follow these steps to Disable the protocol on a per Server basis
For Windows 7, Windows 2008, and Windows 2008 R2 via PowerShell (This requires a reboot of the server)