Hi all,
current "NotPetya/Petrwarp" ransomware and Wannacry etc. used SMB 1.0 / CIFS for spreading along the network (and some other things). As on a client workstation it can help to disable SMB 1.0 to protect the system, it is often not possible to do the same on a server. I am asking myself, what impact it will have on the veeam-infrastructure (B&R Server, Repositories, Off-Host-Proxies..) if we disable SMB 1.0 / CIFS Sharing on these Servers. Does Veeam uses SMB 1.0 protocol in any way ?
What about Repositories on synology NAS boxes ?
My idea is to protect the backup-envoirement at least against the SMB-vulnerability. Of course, other attacks like wmic / psexec would be still there..
any suggestions ?
Thx
Bruno
-
- Enthusiast
- Posts: 36
- Liked: 6 times
- Joined: Sep 02, 2014 7:16 am
- Full Name: Bruno
- Contact:
-
- Veteran
- Posts: 391
- Liked: 56 times
- Joined: Feb 03, 2017 2:34 pm
- Full Name: MikeO
- Contact:
Re: Disabling SMB 1.0 / CIFS on Veeam Servers (NotPetya)
Nothing ran like that for awhile when I didnt want to patch
post243062.html?hilit=smb#p243062
post243062.html?hilit=smb#p243062
-
- Veteran
- Posts: 528
- Liked: 144 times
- Joined: Aug 20, 2015 9:30 pm
- Contact:
Re: Disabling SMB 1.0 / CIFS on Veeam Servers (NotPetya)
We have SMBv1 fully disabled in our environment on all servers and clients and it causes no issues with Veeam.
-
- Enthusiast
- Posts: 36
- Liked: 6 times
- Joined: Sep 02, 2014 7:16 am
- Full Name: Bruno
- Contact:
Re: Disabling SMB 1.0 / CIFS on Veeam Servers (NotPetya)
Thank you for the answers.
Did you do this manually (remove the feature / edit registry) or did you only full patch all servers ( MS17-010 ) ?nmdange wrote:We have SMBv1 fully disabled in our environment on all servers and clients and it causes no issues with Veeam.
-
- Influencer
- Posts: 23
- Liked: never
- Joined: Jul 18, 2017 1:58 pm
- Full Name: Helen
- Contact:
Re: Disabling SMB 1.0 / CIFS on Veeam Servers (NotPetya)
Thanks for your replies on this. I came to this forum as Veeam support wasn't able to answer if Veeam had any dependency on SMBv1 and suggested looking here.
Who is online
Users browsing this forum: amirshnurman, Bing [Bot] and 300 guests