WannaCry prevention notes

A few useful PowerShell commands:

Set-SmbServerConfiguration -EnableSMB1Protocol $false   (disables SMBv1 on the SMB server)

Windows 7 and earlier (PowerShell v2):

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

Or do it via the registry:
To enable or disable SMBv1 on the SMB server, configure the following registry key:
Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled

To check the SMB version (dialect) in use:

PS C:\> Get-SmbConnection

ServerName ShareName UserName             Credential           Dialect NumOpens
---------- --------- --------             ----------           ------- --------
smb        media     domain\administrator domain\Administrator 3.00    2

Microsoft source: here


Linux Samba
To disable SMB1 in Samba, add the following line to the [global] section of /etc/samba/smb.conf:

min protocol = SMB2

Then restart the Samba service.
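
As an added example (not from the original notes), the shell functions below read an smb.conf on stdin and report whether its [global] section sets a protocol floor that excludes SMB1. The function names are hypothetical, and the sample input is constructed from the [global] section of the Debian setup later on this page, which sets no floor at all.

```shell
#!/bin/sh
# Added example (not from the original page): read an smb.conf on stdin and
# report whether its [global] section sets a protocol floor that excludes SMB1.

# Prints the value of "min protocol" / "server min protocol" (synonyms),
# upper-cased, or "unset". Section and parameter names are matched the way
# Samba does: case-insensitively and ignoring whitespace inside the name.
smb_min_protocol() {
    awk '
        /^[ \t]*[#;]/ { next }                      # comment lines
        /^[ \t]*\[/ {                               # section header
            sec = tolower($0); gsub(/[ \t\r]/, "", sec)
            in_global = (sec == "[global]"); next
        }
        in_global && (eq = index($0, "=")) > 0 {
            name = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", name)
            if (name == "minprotocol" || name == "serverminprotocol") {
                val = toupper(substr($0, eq + 1))   # last occurrence wins
                gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            }
        }
        END { print (val == "" ? "unset" : val) }
    '
}

# Hypothetical helper: classify the configured floor.
smb1_status() {
    case "$(smb_min_protocol)" in
        SMB2*|SMB3*) echo "SMB1-DISABLED" ;;
        CORE|COREPLUS|LANMAN1|LANMAN2|NT1) echo "SMB1-ALLOWED" ;;
        unset) echo "UNSET" ;;      # the installed Samba default decides
        *) echo "UNKNOWN" ;;
    esac
}

# Constructed sample: modelled on the Debian [global] section on this page.
sample_conf() {
    cat <<'EOF'
[global]
workgroup = WORKGROUP
netbios name = debianserver
server string = %h server (Samba %v)
log file = /var/log/samba/log.%m
[Shared]
  path = /home/shared/
EOF
}

sample_conf | smb1_status    # prints UNSET
```

To check a live server, run smb1_status < /etc/samba/smb.conf. UNSET means the file leaves the protocol floor to the default of the installed Samba release.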

Windows 10 and problems accessing smb shares

Last night I had to do some testing under Windows 10 and to my surprise I was unable to access an SMB network share.

I have done some investigation and it would appear that Windows 10 will try to negotiate SMB3_11, which Samba 4.1.1 doesn’t yet support except in the current 4.3 release candidate.

To fix this I disabled SMB 3 and enabled v1:

To disable SMBv2 and SMBv3 on the SMB client, run the following commands:

sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc.exe config mrxsmb20 start= disabled

To enable SMBv1 on the SMB client, run the following commands:

sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
sc.exe config mrxsmb10 start= auto

After restarting the Win10 instance I was back in action.
See more here

Debian – Setting up Samba Standalone Server

Installation:

Open a terminal and install the samba package and its dependencies:

$ sudo apt-get install libcupsys2 samba samba-common

The config:

Open /etc/samba/smb.conf.

Remove the content and paste this:

[global]
workgroup = WORKGROUP
netbios name = debianserver
server string = %h server (Samba %v)
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0

[Shared]
  comment = Shared Drive
  path = /home/shared/
  valid users = @users
  force group = users
  create mask = 0660
  directory mask = 0771
  writable = yes

[homes]
   comment = Home Directories
   browseable = no
   valid users = %S
   writable = yes
   create mask = 0700
   directory mask = 0700

Add users:

useradd user1 -m -G users

Set a password for user1 in the Linux system user database. If user1 should not be able to log in to the Linux system, skip this step.

passwd user1

-> Enter the password for the new user.

Now add the user to the Samba user database:

smbpasswd -a user1

-> Enter the password for the new user.

Now from a Windows workstation browse to the Debian server, e.g.: \\10.0.0.10\ or \\10.0.0.10\user1

And restart the Samba service:

service samba restart

Job done.

Reference links:

http://www.howtoforge.com/debian-wheezy-standalone-server-with-tdbsam-backend

http://www.debianhelp.co.uk/samba.htm