[Samba] Does WannaCry Ransmonware affect Samba?

Rowland Penny rpenny at samba.org
Thu May 18 12:32:30 UTC 2017

On Thu, 18 May 2017 08:11:08 -0400
lingpanda101 via samba <samba at lists.samba.org> wrote:

> Hello,
>      Up till today I have only heard that it affects Windows clients
> and Servers. However I received this today that sparked my question
> https://ics-cert.us-cert.gov/sites/default/files/FactSheets/ICS-CERT_FactSheet_WannaCry_Ransomware.pdf
> This suggests blocking port 445 for Samba specifically. First
> wouldn't blocking port 445 break all file and printer sharing
> functionality? Second isn't this port needed even by Windows for SMB?
> I'm confused. Thanks.

I think what they are trying to say is:

Whilst wannacry will have no affect to a Samba server, if it is on a
Samba share that you connect to, your Windows computer may get infected.

The cure seems to be, turn off file sharing with the Samba server, it
might as well have said 'Go to Samba server, identify the power lead
and pull it out of the power socket' ;-)



More information about the samba mailing list