Server Message Block (SMB)


  • file and print services allow network clients to share access to disk and printer resources
  • on a Windows network, the File/Print Sharing Service is provided by the Server Message Block (SMB)

Server Message Block (SMB) is an application protocol used for requesting files from Windows servers and delivering them to clients.

  • allows machines to share files and printers, thus making them available for other machines to use
  • SMB client software is available for UNIX-based systems
  • Samba software allows UNIX and Linux servers or NAS appliances to run SMB services for Windows clients
    • SMB is also called Common Internet File System (CIFS)
    • allows a Windows client to access a Linux host as though it were a Windows file or print server
    • allows Linux hosts to access file/printer shares hosted on Windows
  • on legacy networks, SMB ran as part of an older network services protocol called NetBIOS on TCP port 139
  • if no legacy client support is required, SMB is run over TCP port 445
  • SMB should be restricted to use only on local networks
  • NetBIOS ports 137-139 and port 445 should be blocked by a perimeter firewall
  • SMB version 3 supports message encryption
    • can be enabled on a file server or on a per-share basis
    • an encrypted share can only be accessed by an SMB 3.0 or higher client

Info

  • SMB has gone through several updates
    • SMB3 is the current version
    • SMB1 has serious security vulnerabilities and is disabled by default on Windows
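
The SMB3 encryption settings (server-wide or per share) and the SMB1 state noted above can be checked on a Windows file server with the built-in SmbShare cmdlets. This is an added example, not part of the original notes; the function name `Get-SmbHardeningReport` is hypothetical, and it assumes an elevated PowerShell session on Windows Server 2012 or later.

```powershell
# Added example: audit a file server against the SMB points in these notes.
# Get-SmbHardeningReport is a hypothetical helper name, not a built-in cmdlet.
function Get-SmbHardeningReport {
    $cfg = Get-SmbServerConfiguration

    # SMB1 should be off (it is disabled by default on current Windows).
    [pscustomobject]@{
        Check  = 'SMB1 disabled'
        Pass   = -not $cfg.EnableSMB1Protocol
        Detail = "EnableSMB1Protocol=$($cfg.EnableSMB1Protocol)"
    }

    # SMB3 encryption enabled for the whole file server.
    [pscustomobject]@{
        Check  = 'Server-wide encryption'
        Pass   = [bool]$cfg.EncryptData
        Detail = "EncryptData=$($cfg.EncryptData); " +
                 "RejectUnencryptedAccess=$($cfg.RejectUnencryptedAccess)"
    }

    # SMB3 encryption on a per-share basis (admin shares such as C$ skipped).
    foreach ($share in Get-SmbShare -Special $false) {
        [pscustomobject]@{
            Check  = "Share '$($share.Name)' encrypted"
            Pass   = [bool]($cfg.EncryptData -or $share.EncryptData)
            Detail = "EncryptData=$($share.EncryptData)"
        }
    }

    # Connected clients below SMB 3.0 cannot access an encrypted share,
    # so list them before turning encryption on.
    foreach ($s in Get-SmbSession) {
        $major = [int](($s.Dialect -split '\.')[0])
        if ($major -lt 3) {
            [pscustomobject]@{
                Check  = "Client $($s.ClientComputerName) dialect"
                Pass   = $false
                Detail = "Dialect=$($s.Dialect) (below SMB 3.0)"
            }
        }
    }
}

Get-SmbHardeningReport | Format-Table -AutoSize

# Remediation for failed checks ('Finance' is a constructed share name):
#   Set-SmbServerConfiguration -EnableSMB1Protocol $false
#   Set-SmbServerConfiguration -EncryptData $true      # whole server
#   Set-SmbShare -Name 'Finance' -EncryptData $true    # single share
```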