[dba-Tech] Wanna Cry/WannaCrypt

[Peter Brawley]

On 5/26/2017 9:38, John R Bartow wrote:
> SMB1 has many vulnerabilities. It's basically what all the hub-bub is about
> lately, Wannacry, etc. Which pre-2008 windows are you running?

I have two win7 servers on which internet activity is rare. They're 
staying at win7 because it's such a monumental pain to configure win10 
boxes to share files across lan machines without passwords---until the 
last Windows software dependency has been replaced by Linux-compatible 
software. Will closing SMB1 break such file sharing in this interim?

PB

>
> -----Original Message-----
> From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of
> Peter Brawley
> Sent: Wednesday, May 24, 2017 5:40 PM
> To: Discussion of Hardware and Software issues
> Subject: Re: [dba-Tech] Wanna Cry/WannaCrypt
>
> Some sites are recommending that we disable SMB1 on pre-2008 Windows
> versions. Anybody know anything about that?
>
> PB
>
> -----
>
> On 5/23/2017 13:07, Jim Lawrence wrote:
>> Hi All:
>>
>> The is a rather late comment on the Wannacry worm that spread around the
> planet.
>> <rant mode on>
>> People have been quick to blame Microsoft for their hacked systems when
> the problem could have been easily blocked and recovered from by just using
> the most basic steps. I personally find it amazing that even though PCs have
> been around for a generation, few seem grasp the basics of planning for
> failure. Failure of your system is guaranteed. Consider your computer like a
> light bulb...all fail eventually and if you career or business depends on
> your data, plan for system failure one way or the other. The Wannacry worm
> was a wake up call.
>> Aside: I strong disagree with the creation and storage of hidden system
> vulnerabilities. Not matter how well hidden they always get out and if not,
> when used, they are like a gas attack. It takes a wary opponent hours to
> reciprocate and because of our highly technical society we end up getting
> hammered to pieces, far worse. Can you imagine what would have happened if
> after Japan was nuked, within hours, Japan was nuking the west coast, in
> retaliation?
>> </rant mode off>
>>
>> XP was really not the problem as how could anyone expect a ancient system
> to not be easily hackable? The real problem is that of how the system's
> routers were setup. To start with, secure mode should always be set, on the
> router. This mode shuts down every port except port 80 unless specifically
> requested by the user and that requires a manual entry. The hack, passed
> through the router, using port 139, that was used by NetBIOS and in
> conjunction with port 445, for direct TCP/IP SMB. No one uses these ports
> anymore so they should be turned off. Even as far back as 1995, when install
> Windows 3.1 workgroup, Microsoft was recommending not using applications
> that required these ports. If you want to check to see if these ports are
> open on your router or network, browse to one of many external port
> checkers. I use the following online app as it is generic and works on
> everything:
>> http://www.yougetsignal.com/tools/open-ports/
>>
>> When arriving on the opening screen find and click on the button, on the
> right saying "Scan all common ports". If ports 139 and 445 show up as open
> turn them off through your router.
>> Backup are the essential for every PC that has data that is worth
> anything. The MAC has an excellent, fully automated system called the
> timemachine, that initialises with a hard-drive image and then does a
> regular/continuous backup of all changed files. Linux has many excellent
> backup systems...a package called Cronopete emulates the features of the
> Apple Timemachine. Both these products allow your system, from a hard down,
> to operational within an hour. MS Windows may have something similar, I
> don't know...all I can say is they didn't use to.
>> I don't want to make the following appear as a rant against Microsoft but
> there are some major faults in Window design. Its greatest strength and
> weakness is it backward compatibility. With that compatibility comes an
> inability to sand-box or isolate a process, a user or application. That is
> just the way it is designed from the ground up and the cost of rebuilding
> millions of lines of ancient of code is prohibitive. I am pleased to see
> Microsoft is adopting more and more Linux modules. At one time, in the
> future, in may just become another flavour of Linux. In the meantime, while
> MS is going through this migration process, I just use Linux. Linux is also
> great for walling in and protecting your Windows servers as Linux is much
> better at being front facing. Linux today, runs most of the best routers
> (ie. Cisco) but not all are expensive and many older routers can be upgraded
> using products like OpenWrt, pfSense, OpenVPN to name but a few industry
> standards. (They are also O!
>   SS!
>>    .)
>>
>> One last comment on Windows and Linux comes from TechRepublic. A quote
> from the article goes as follows; "The important question here is this: Have
> there been any ransomware attacks on the Linux desktop? The answer is no.
> With that in mind, it's pretty easy to draw the conclusion that now would be
> a great time to start deploying Linux on the desktop.":
>> http://www.techrepublic.com/article/wannacrypt-makes-an-easy-case-for-
>> linux/
>>
>> Jim
>>    
>>
>> _______________________________________________
>> dba-Tech mailing list
>> dba-Tech at databaseadvisors.com
>> http://databaseadvisors.com/mailman/listinfo/dba-tech
>> Website: http://www.databaseadvisors.com
>>
>
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
>
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
>