Calgaryn.com - Everything Calgary Forums  

Go Back   Calgaryn.com - Everything Calgary Forums > Cell Phone Talk > TELUS Home Services & Devices
Reload this Page Bug/Security Vulnerability for shared drives on V3200M
Register FAQ Members List Calendar Today's Posts

Reply
 
Thread Tools Search this Thread Display Modes
 
Old 04-07-2012, 03:13 AM
news news is offline
Senior Member
  
Join Date: Feb 2012
Posts: 1,885,407
Default Obama Embraces National Security as Campaign Issue
Reply With Quote
  #1  
Old 07-27-2017, 12:49 AM
wireless wireless is offline
Senior Member
  
Join Date: Feb 2012
Posts: 87,478
Default Bug/Security Vulnerability for shared drives on V3200M
We can add a shared network drive to this router (and perhaps others) by plugging an external drive into the usb port, and setting it up in the options.

However, it currently ONLY supports the SMB1 protocol. This is disabled by default in the next update for Windows, and already disabled by default for users in the 'windows insider' program. This is because of ransomware viruses exploiting the SBM1 protocol and it is a security update.

In order to access the shared drive on Windows, we have to access the administrative settings in the 'Windows Features', which is not something we should have to do. We should not have to override our security settings in order to run a vulnerable, extremely out of date! file sharing protocol.

You CAN also use SMB2 or SMB3 protocols. Currently, the shared network drive is ONLY accessible through SMB1! I don't know if it is a licensing issue with Microsoft, but the current situation is going to be a disaster once the update rolls out to regular users.

For more information, see, e.g., http://thehackernews.com/2017/06/win...tone3-smb.html or other things from google.

Quotation of the first few sentences:
  1. The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update.

    The SMBv1 is one of the internet's most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to request services from a server.

    The WannaCry ransomware, which wreaked havoc last month, was also leveraging an NSA's Windows SMB exploit, dubbed EternalBlue, leaked by the Shadow Brokers in its April data dump.


    The WannaCry ransomware menace shut down hospitals, telecommunication providers, and many businesses worldwide, infecting hundreds of thousands of unpatched Windows servers running SMBv1 in more than 150 countries within just 72 hours on 12th of May.

    Although Microsoft patched the vulnerability in SMBv1 in March in MS17-010, the company meanwhile strongly advised users to disable the three decades old protocol completely.

We shouldn't ALL have to do this in a few months. Upgrade the sharing protocol software please!



https://bhzof35755.i.lithium.com/t5/...e?v=1.0&px=999


More...
Reply With Quote
Reply

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 08:09 PM.

Contact Us - Calgaryn.com - Everything Calgary Forums - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
Copyright 2000-2013 Calgaryn.com