[Samba] Disable SMB v1

lingpanda101 lingpanda101 at gmail.com
Tue Jan 17 16:52:17 UTC 2017


Given this recent announcement 
https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best-Practices

How does one turn off and verify the SMB protocol setting? I'm a bit 
confused by looking at the man page for smb.conf. I have the following 
set which I believe to be the default settings.

  samba-tool testparm -v | grep "max protocol"

         client ipc max protocol = default
         client max protocol = default
         server max protocol = SMB3

samba-tool testparm -v | grep "min protocol"

         client ipc min protocol = default
         client min protocol = CORE
         server min protocol = LANMAN1

The man page states the 'min protocol' setting should never need to be 
changed. I would assume I would need to change this to SMB3 or the very 
least SMB2 to disable SMBv1? Thanks.




-- 
- James




More information about the samba mailing list