[Samba] How secure is SMB3 over internet?
Jeremy Allison
jra at samba.org
Fri Oct 19 18:39:23 UTC 2018
On Fri, Oct 19, 2018 at 08:31:54PM +0200, jmqaodmthr1acosyg--- via samba wrote:
> Thanks for the reply. I was checking this with several IT professionals and the consensus was that it should never be exposed over the internet (even SMB3.0) and they all recommended to use it over SSH or VPN. A couple of people said there are more security professionals venting/using/supporting SSH which is why they recommend using that.
> I was just wondering, would this just be the leftover stigma from the SMB1 and SMB2 days?
Yes, that's exactly what it is.
Microsoft would not be exposing SMB3+ directly into
Azure if there were any protocol/implementation issues.
More information about the samba
mailing list