List of problematic SMBv1-only hardware, from NedPyle

Topic

New Reply

No doubt you’ve been following the SMBv1 controversy, where an ancient protocol is exposing lots of machines to WannaCry-class malware. You or your co
[See the full post at: List of problematic SMBv1-only hardware, from NedPyle]

Reply | Quote

Replies

The list includes software, such as MYOB accounting, Linux Kernel, old WinOS etc., and cautions that the list is incomplete – it includes a request for notification of additional products that should be added to the list.

2 users thanked author for this post.

HiFlyer, woody

Reply | Quote

Everyone should refer to the actual list and documentation referenced in Ned Pyle’s posting.  For example, broadly targeting the “Linux Kernel” as dependent on SMB1 is inaccurate.  The Linux Kernel included SMB2+ support in version 3.7.  That was quite some time ago.  My Linux system is running the 4.4 kernel and I have no problem mapping a share to a Windows 7 or 8.1 system where SMB1 has been disabled (both client and server).

3 users thanked author for this post.

Jan K., HiFlyer, Kirsty

Reply | Quote

Kirsty wrote:

The list includes software, such as MYOB accounting, Linux Kernel, old WinOS etc., and cautions that the list is incomplete – it includes a request for notification of additional products that should be added to the list.

Because of Ned’s request for notification of products that should be added to the list, it’s a fluid document in that it’s always changing. Therefore, a good idea for everyone concerned about whether their hardware or software might be dependent upon SMB1 (and not a newer version) would be to either check with their vendor(s) directly for an answer or check Ned’s list carefully on a regular basis, like once a week or so.

Reply | Quote

My complaint with the list is its misleading nature. Many older printers and scanners can only use v.1 but which ones. It is not as if all HP, Lexmark, etc. printers and scanners are vulnerable. Including an unqualified ‘HP’ or ‘Lexmark’ implies all their products are vulnerable.

Reply | Quote

lurks about wrote:

My complaint with the list is its misleading nature. Many older printers and scanners can only use v.1 but which ones. It is not as if all HP, Lexmark, etc. printers and scanners are vulnerable. Including an unqualified ‘HP’ or ‘Lexmark’ implies all their products are vulnerable.

As stated by anonymous in post #123799, follow the listed links for each manufacturer and the literature or documents at each will tell you. For example, the link listed for HP contains a .pdf which lists the printers/multi function machines that still need SMB1 and those that do not need SMB1. After looking over the list, I found that the multi function machine attached to one of our computers needs SMB1 to fully function, so I will need to re-enable SMB1 on that computer.

HP seems to have done a halfway decent job identifying the SMB1-dependent hardware, but not all companies will do so, I’m afraid.

1 user thanked author for this post.

Kirsty

Reply | Quote

Slightly off topic here:

Do WiFi (the ones you set to use the your router, but every PC on the network needs specific drivers to be able to communicate and hence, be able to print) printers rely on SMB, of any version, to work or SMB protocols are only used for printers shared across one network?

Reply | Quote

The only answer I could give you right now for part one of your question is that this depends on the manufacturers implementation of their wireless printing (and image scanning) driver system.

Reply | Quote

My equipament is a HP P1102W Laser printer, according to its manual, it works via DHCP, as the printer receives a IP lease for it, just like any other WiFi capable device, and for a PC on the network be able to see it, and use it, they must have the HP driver installed on them. HP ePrint is turn off, so it can’t be used or communicate via internet, only via the computers in my home network that have the driver installed (1 PC and 4 notebooks).

Aparently this setup is not like a shared printer as the PCs does not communicate to each other in order to use the printing service, instead communicating directly to the printer through each own set of drivers…

I was kind of concerned it could represent a source of SMB vulnerabily in my home network, even though, the printer is not always on, pretty much I only turn it on when I’m actually going to print something, I don’t leave it in standby ever, mainly because I want to avoid having any undesired communication in the network and the fewer devices, easier it is to manage this task…

Reply | Quote

anonymous wrote:

… I was kind of concerned it could represent a source of SMB vulnerabily in my home network, even though, the printer is not always on, pretty much I only turn it on when I’m actually going to print something, I don’t leave it in standby ever, mainly because I want to avoid having any undesired communication in the network and the fewer devices, easier it is to manage this task…

Your printer model isn’t listed anywhere in the document from HP about SMB1 and SMB2 dependent printers/devices. This could very well mean that your printer doesn’t use SMB to communicate but, as you found out by reading the printer’s documentation, it may use DHCP instead.

Reply | Quote

I have a current model of wireless HP Laser Jet Pro on my home network.  I have SMB1 disabled on my Win 10 computer and can still print fine from there.

I also shut the printer off if I am not using it.

Windows 10 Pro 22H2

Reply | Quote

Bob99 wrote:

anonymous wrote:

… I was kind of concerned it could represent a source of SMB vulnerabily in my home network, even though, the printer is not always on, pretty much I only turn it on when I’m actually going to print something, I don’t leave it in standby ever, mainly because I want to avoid having any undesired communication in the network and the fewer devices, easier it is to manage this task…

Your printer model isn’t listed anywhere in the document from HP about SMB1 and SMB2 dependent printers/devices. This could very well mean that your printer doesn’t use SMB to communicate but, as you found out by reading the printer’s documentation, it may use DHCP instead.

AH D**N! My HP Officejet 6500A Plus wireless printer E710n and my aunt’s HP Officejet 4630 e-All-in-one Printer series are both on HP’s list of printers that support only SMB1. Anyways, I’m not using specific features on them that require SMB1 and they’re either connected thru USB or WiFi.

Reply | Quote

One more:
https://blogs.technet.microsoft.com/drew/2017/07/22/unc-fileshares-with-microsoft-antivirus/

Reply | Quote