Disabling SMB1 by default
Moritz Bechler
bechler at agno3.eu
Wed Jun 21 07:34:38 UTC 2017
Hi,
> Can we do a multi-protocol negotiate and just specify supported dialects
> of "2.002" and "2.???"? Then we wouldn't get a reset from servers that
> don't support SMB2, while still enforcing SMB2+.
>
According to the specs that should be perfectly legal and fully covered
by mandatory behaviors
- An SMB2+ capable server must check for a SMB_COM_NEGOTIATE, 2.02
servers must use SMB2 if the 2.002 dialect is present, 2.1+ servers must
use SMB2 if the 2.??? dialect is present -> every SMB2 capable server
must pick SMB2.
- An non-SMB2 capable server must check the list of dialects, if none
matches must set DialectIndex to 0xFFFF and use core protocol -> even if
this is not properly implemented we should get a SMB1 negotiate response.
regards
Moritz
--
AgNO3 GmbH & Co. KG, Sitz Tübingen, Amtsgericht Stuttgart HRA 728731
Persönlich haftend:
Metagesellschaft mbH, Sitz Tübingen, Amtsgericht Stuttgart HRB 744820,
Vertreten durch Joachim Keltsch
More information about the samba-technical
mailing list