current "NotPetya/Petrwarp" ransomware and Wannacry etc. used SMB 1.0 / CIFS for spreading along the network (and some other things). As on a client workstation it can help to disable SMB 1.0 to protect the system, it is often not possible to do the same on a server. I am asking myself, what impact it will have on the veeam-infrastructure (B&R Server, Repositories, Off-Host-Proxies..) if we disable SMB 1.0 / CIFS Sharing on these Servers. Does Veeam uses SMB 1.0 protocol in any way ?
What about Repositories on synology NAS boxes ?
My idea is to protect the backup-envoirement at least against the SMB-vulnerability. Of course, other attacks like wmic / psexec would be still there..
any suggestions ?