ezhik

Members
  • Content count

    163
  • Joined

  • Last visited

Community Reputation

5 Neutral

About ezhik

Converted

  • Gender
    Undisclosed
  1. Mine is working just fine with these: ~/.smb/smb.conf [global] client min protocol = SMB2 client max protocol = SMB3 client lanman auth = no client plaintext auth = no client NTLMv2 auth = yes #-- I am running Ubuntu 16.04, what are you running? I have these packages installed: - cifs-utils - samba-common - samba-libs
  2. Try this: ezhik@z97x:~$ cat .smb/smb.conf [global] client min protocol = SMB2 client max protocol = SMB3 client lanman auth = no client plaintext auth = no client NTLMv2 auth = yes
  3. Also, for anybody using /etc/fstab mounts for cifs, make sure you use vers=3.0. Example: /etc/fstab # unraid mounts on debian 8 //my-unraid-host/media/family /media/unraid/family cifs credentials=/root/.smbcredentials,iocharset=utf8,sec=ntlmsspi,vers=3.0 0 0 -- Cheers.
  4. For those that run Kodi, create or edit the smb.conf for the user that kodi runs under: ~/.smb/smb.conf -- [global] client min protocol = SMB2 client max protocol = SMB3 client lanman auth = no client plaintext auth = no client NTLMv2 auth = yes --
  5. Figured it out. Incorrect syntax. -- min protocol = SMB2 guest ok = no null passwords = no lanman auth = no restrict anonymous = 2 encrypt passwords = yes server signing = mandatory ntlm auth = no --
  6. Yeah, the settings are not being applied.
  7. I tested this with Nessus. There are a few vulnerabilities that are reported: SMB Related: --- Windows NetBIOS / SMB Remote Host Information Disclosure Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check) Microsoft Windows SMB NativeLanManager Remote System Information Disclosure Microsoft Windows SMB Service Detection
  8. I can confirm these settings are not being applied: Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check) Description The remote Windows host supports Server Message Block Protocol version 1 (SMBv1). Microsoft recommends that users discontinue the use of SMBv1 due to the lack of security features that were included in later SMB versions. Additionally, the Shadow Brokers group reportedly has an exploit that affects SMB; however, it is unknown if the exploit affects SMBv1 or another version. In response to this, US-CERT recommends that users disable SMBv1 per SMB best practices to mitigate these potential issues.
  9. Yeah so doesn't look like these settings are actually applied in "Samba extra configuration" section of the configuration. Devs, can you actually confirm that this is the correct syntax for the settings and it doesn't have to be separated in any shape or form other than EOL? --- min protocol = SMB2guest ok = nonull passwords = nolanman auth = norestrict anonymous = 2encrypt passwords = yesserver signing = mandatoryntlm auth = no
  10. FYI: https://blog.varonis.com/the-difference-between-cifs-and-smb/
  11. I have the following in: Samba extra configuration: min protocol = SMB2guest ok = nonull passwords = nolanman auth = norestrict anonymous = 2encrypt passwords = yesserver signing = mandatoryntlm auth = no
  12. I agree with you. REDs are intended for a small home NAS (1-5 drives). I've had REDs, back then they were not reliable. But then again, I jumped on them when they were just released.
  13. RE4 > REDS. Reds are garbage compared to RE4.
  14. For sale: 2 x Fujitsu D2607-8i (Flashed to 9211-8i) $80 each 2 x iStarUSA BPN-DE350SS-RED 3 x 5.25" to 5 x 3.5" SAS/SATA 6.0 Gb/s Trayless Hot-Swap Cage https://www.newegg.com/Product/Product.aspx?Item=N82E16816215344&cm_re=istarusa_3_x_5.25_to_5_x_3.5-_-16-215-344-_-Product $60 each 1 x (3 x 5.25 into 4 x 3.5 enclosure) - https://www.newegg.com/Product/Product.aspx?Item=N82E16816132037 $40 Heat: https://www.heatware.com/u/31052 Location: Montreal, Canada Ship to: USA/Canada
Copyright © 2005-2017 Lime Technology, Inc. unRAIDĀ® is a registered trademark of Lime Technology, Inc.