IT 4100 : File Systems and Storage Technologies
SMB
SMB
- Server message block: a protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network. (Client/server model)
- Application layer protocol (usually on top of TCP/IP)
- Originally used port 139, not uses 445
SMB Variants
- SMBv1 was released in 1984 by IBM for file sharing in DOS. Microsoft modified and updated it in 1990.
- CIFS was released in 1996 with more features and support for larger file sizes. It came together with the new Windows 95.
- SMBv2 debuted in Windows Vista in 2006. It featured a notable boost in performance because of increased efficiency — fewer commands and subcommands meant better speeds.
SMB Variants
- SMBv2.1 came with Windows 7, bringing improved performance.
- SMBv3 was introduced with Windows 8 with many updates. Most notable of which is enhanced security — the protocol started supporting end-to-end encryption.
- SMBv3.02 came together with Windows 8.1. It offered the ability to increase security and performance by completely disabling SMBv1.
- SMBv3.1.1 was released in 2015 with Windows 10. It added more security elements to the protocol, like AES-128 encryption, protection from man-in-the-middle attacks, and session verification.
SMB
Has some severe security considerations:
- wannacry ransomware
- we did an smb relay attack in 4510