Copying files between computers

Copying a remote file to local computer

Editing a file on a remote computer

SMB Permissions

SMB on other devices

Conclusion

Server Message Block or SMB was originally designed by IBM back in the 80’s. After its inception, Microsoft took the protocol and added some features to it. The additions included features such as LAN Manager. Services such as this allowed Windows systems to map shared drives and have this new share act as a local drive on the computer. For simplicity’s sake, I will skip the 3rd and 4th point but we will get back to those in a minute. With the release of Windows Vista, Microsoft also released SMB 2.0. This was a major revision of SMB which, besides adding additional features, reduced the “chattiness” of the protocol. In other words, it reduced the bandwidth used or data amount transmitted, over the network. SMB 3.0 was released with Windows 8 and Server 2008 R2. With more improvements and added functionality, SMB 3.0 was aimed towards increasing effectiveness in Datacenters. When mapping a share, Windows will automatically perform the negotiation and sort out what version of SMB to use.

The next file system we will be examining is Network File System, or NFS. Originally developed by Sun in the late 80’s, NFS version 1 was used internally within Sun Microsystems and never released publically. It was Version 2 that was released to the public however. This provided basic file sharing capabilities and was used extensively within Unix based systems. As they released Version 3 in 1995, it was enhanced to add 64bit support and was able to handle files larger than 2 gigabytes. In 2000, Sun released version 4 of NFS with added performance along with security improvements. This allowed for security methods to be applied and utilized to authenticate users, e.g. Kerberos. These security measures made NFS version 4 much more secure when compared to previous revisions.

What is SMB?

How does the SMB protocol work?

Versions of the SMB protocol

SMB version 3

How to disable the SMBv1 protocol

File Sharing Protocols

Nfs

Cifs/Smb

CIFS vs. SMB

Conclusion

Introduction

SMB is everywhere

Distributed system defense is hard, not impossible

Interception defense

Paths to securing SMB

PATCH

No SMB1

No Guest Auth

No WebDAV

SMB over QUIC coming!

Limit outbound SMB

UNC Hardening

SMB 3.1.1

Encryption

No NTLM, Harden Kerberos

Movement defense

Block inbound edge

Inventory SMB

Firewall block and allow

Disable SMB Server

Final thoughts

Welcome

Network Services

What does SMB stand for?

What systems does SMB run on?

Enumerating SMB

Analyzing results

Enumerating SMB protocol

Connecting to the share

Connecting to SMB

Conclusion

Types of SMB security

Purpose of security

Authentication

Kerberos

Message Signing

SMB Encryption

SMB Message Signing

Message Signing & Encryption

Encryption

Conclusion

Introduction

Business Criteria

Brainstorming Ideas

Finding Potential Businesses

Obtain the name of the SMB share

Configuring the SMB share

Adding a new network storage object

Configuring SMB Network Storage

Testing the connection

SMB Network Storage Object

Mapping Network Storage To A User's Virtual Path

Uploading a file

Conclusion

What Is Manage File Transfer

Manage File Transfer

What Is Smb and How Does It Fit

Encryption

Pre-Login Authentication

Pre Login Authentication

What Are the Most Important Security Features of Jnq the Product

What Is the Advantages of Control Incorporation into Manage File Transfer Solution

Security

How to Enable SMBv2

How to disable SMBv3

Verify SMBv3 from Registry

Summary