Server Message Block, or SMB, was originally designed by IBM back in the 80’s. After its inception, Microsoft took the protocol and added some features to it. The additions included features such as LAN Manager. Services such as this allowed Windows systems to map shared drives and have the new share act as a local drive on the computer. For simplicity’s sake, I will skip the 3rd and 4th points, but we will get back to those in a minute. With the release of Windows Vista, Microsoft also released SMB 2.0. This was a major revision of SMB which, besides adding features, reduced the “chattiness” of the protocol. In other words, it reduced the bandwidth used, or the amount of data transmitted, over the network. SMB 3.0 was released with Windows 8 and Server 2008 R2. With more improvements and added functionality, SMB 3.0 was aimed at increasing effectiveness in datacenters. When mapping a share, Windows automatically performs the negotiation and sorts out which version of SMB to use.
The next file system we will be examining is Network File System, or NFS. Originally developed by Sun in the late 80’s, NFS version 1 was used internally within Sun Microsystems and never released publicly. Version 2, however, was released to the public. It provided basic file sharing capabilities and was used extensively within Unix-based systems. Version 3, released in 1995, added 64-bit support and was able to handle files larger than 2 gigabytes. In 2000, Sun released version 4 of NFS with performance and security improvements. This allowed security methods such as Kerberos to be applied to authenticate users. These security measures made NFS version 4 much more secure than previous revisions.
Introduction
SMB is everywhere
Distributed system defense is hard, not impossible
Interception defense
Paths to securing SMB
PATCH
No SMB1
No Guest Auth
No WebDAV
SMB over QUIC coming!
Limit outbound SMB
UNC Hardening
SMB 3.1.1
Encryption
No NTLM, Harden Kerberos
Movement defense
Block inbound edge
Inventory SMB
Firewall block and allow
Disable SMB Server
Final thoughts