Hey guys,
long time no see!
As you may be aware, there has been some malware activities within last few days and your Windows environments could be affected as well. One of the recommendations is to disable SMB v1 protocol and here’s how to do it using Powershell.
First, get the configuration
>= Windows 2012 systems
Get-SmbServerConfiguration | select "*enablesmb*"
Windows 2008 systems (Vista, 7)
Get-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1
If it returns something like “Cannot find path” it has not been configured, therefore it is enabled.
You can see whether SMB v1 is enabled or not, if it is, run following command to disable it.
>= Windows 2012 systems
Set-SmbServerConfiguration -EnableSMB1Protocol $false
Windows 2008 systems (Vista, 7)
Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1 -Value 0 –Force
Let me know whether it worked for you or not.
Have a good day!
Robot(ICT) guy