Samba says that its next version will deactivate the previously activated support by default for the old and easily subverted SMB1 protocol. It can be re-enabled for those who are really desperate to use the abandoned obsolete protocol version.
Developers of the open source SMB toolkit say that the Samba 4.11 build, currently in preview, will default to SMB2_02 as the oldest supported version of the Windows file – sharing protocol.
"This means that customers without support for SMB2 or SMB3 can no longer connect to smbd (by default)," read the notes in version 4.11.
"It also means client tools like smbclient and others, as well as applications that use libsmbclient can no longer connect to servers without support for SMB2 or SMB3 (default)."
Administrators will still have the option to allow SMB1 on their servers if they wish, but support will be disabled by default.
The move of Samba to discard SMB1 may be seen as a delay, since Microsoft has been moving to get rid of the file server protocol version of its operating systems for several years, even before it was re It became one of the NSA's favorite weak spots to exploit.
The latest version of Windows 10 Insider pulls the trigger on the SMB1
From the Windows 10 1709 version in 2017, both the Windows and desktop versions of Windows stopped be compatible with SMB1, and since 2016 Microsoft urged administrators to remove the protocol version completely.
"The original SMB1 protocol is almost 30 years old, and like much of the software made in the 80s, it was designed for a world that no longer exists," said Ned Pyle of Microsoft at the time.
"A world without malicious actors, without large sets of important data, without almost universal use of computers, and frankly, its ingenuity is amazing when viewed in modern eyes."
While the Samba team notes Microsoft's efforts to eliminate SMB1, including the loss of support in Windows, developers also note that there may still be limited cases in which the protocol version is necessary, and administrators who still need SMB1 are advised to send their comments.
"It is still possible to allow the SMB1 dialects, for example NT1, LANMAN2 and LANMAN1 for client and server, as well as CORE and COREPLUS on the client," notes the notes.
"Note that most command-line tools, for example, smbclient, smbcacls, and others also support the –option argument to overwrite the smb.conf options, for example: –option = & # 39; client min protocol = NT1 & # 39; could be useful. "®
Balance consumerization and corporate control.