NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
SMB 1.0 (Given Wanna Cry)
Out of curiosity in the latest 6.7.1 firmware is SMB 1.0 disabled?
Can we control SMB so that it ONLY used 3.0 or 2.0-3.0 for example?
The Wanna Cry issue used an attack vendor to attack Windows machines that hadn't had a security update installed. Our NAS units don't run Windows.
The latest RAIDiator 4.1.x and RAIDiator-arm uses samba 3.5.x. The latest RAIDiator-x86 4.2.x uses samba 3.6.x
Experimental SMB2 support was added in samba 3.5.x, but really you should be using a newer version of samba to use it. 3.6 isn't much newer. I'd be wanting to use newer than that. To my knowledge we don't have any plans to update samba on these old OSes.
I think SMB2 support is turned off by default on all those models.
OS6 currently uses samba 4.4.x, a much newer samba series.
I've passed on the feature request to be able to disable SMB1 support from the GUI for OS6 devices.
The Wanna Cry issue used an attack vendor to attack Windows machines that hadn't had a security update installed. Our NAS units don't run Windows.
The latest RAIDiator 4.1.x and RAIDiator-arm uses samba 3.5.x. The latest RAIDiator-x86 4.2.x uses samba 3.6.x
Experimental SMB2 support was added in samba 3.5.x, but really you should be using a newer version of samba to use it. 3.6 isn't much newer. I'd be wanting to use newer than that. To my knowledge we don't have any plans to update samba on these old OSes.
I think SMB2 support is turned off by default on all those models.
OS6 currently uses samba 4.4.x, a much newer samba series.
I've passed on the feature request to be able to disable SMB1 support from the GUI for OS6 devices.
> The latest RAIDiator 4.1.x and RAIDiator-arm uses samba 3.5.x. The latest RAIDiator-x86 4.2.x uses samba 3.6.x
> To my knowledge we don't have any plans to update samba on these old OSes.
Give the recent CVE ( CVE-2017-7494 ) that appears wormable, it seems to me that Netgear SHOULD be patching any version of SMB 3.5 or higher, and it would be great if you did patch SMB2 or better support into these older devices (of which I have 6.)
https://isc.sans.edu/forums/diary/Critical+Vulnerability+in+Samba+from+350+onwards/22452/
We have a KB article: Security Advisory for CVE-2017-7494, Samba Remote Code Execution
As I explained in Any plans for Samba fix for CVE-2017-7494 ? we've backported the fix for that CVE to the samba versions we're using. I don't believe there are any current plans to backport newer samba series to our legacy OSes.
We've already released ReadyNAS OS 6.7.4 for our OS6 devices. The releases for the other devices are with QA.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
