Results 1 to 4 of 4

Thread: SMB Security?

  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    The steamy Middle East
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi!

    I use Microsoft File and Printer Sharing on my home LAN a lot, and I'm beginning to worry about WiFi spies.

    Is MS SMB logon encrypted at all, or is all of the logon information sent in plaintext?
    Is the data transfer itself encrypted?

    References, please, if possible!

    Thanks.
    D.
    Good luck.
    D.

  2. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    You do not say what OS you are using. I also have File and Print Sharing enabled on my home network. Your network is only as safe as the encryption you use on the network, and the Security you have set up in your version of Windows. Each version of Windows has become more secure than the last. Win 7 (which I use) is reported as the most secure OS to date. If your network router is set with it's highest level of security (WPA2), your router has it's hardware firewall active, your OS security is up to date with a software firewall monitoring traffic, and you have taken all the common sense precautions to secure your network including good passwords, then your network should be secure. This all makes it much more difficult for nefarious individuals to tap into your network in a drive by attack. Since these people are looking for easy prey, these precautions generally scare away the individuals looking for easy pickings.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    The steamy Middle East
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hmmm. I don't think that I asked, though, about encryption or security on other levels of the PHP/IP stack, or other levels of the OSI model, or in other parts of Windows, or in other parts of my hardware, or about keeping my front door locked, or about not forgetting my netbook on the train.

    Is MS SMB logon encrypted in SMB at all, or is all of the logon information sent in plaintext?
    Is the data transfer itself encrypted, in SMB?

    Just in case different versions of Windows have different versions of SMB with different types of encryption: I am running WinXP Pro SP2, WinXP Pro SP, and Win7 Pro.

    Thanks.
    D.
    Good luck.
    D.

  4. #4
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    South of the North Pole
    Posts
    919
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'm backing Ted, WiFi needs to be encrypted to WPA and your done, doesn't matter what is sent then or what else is secure, no one can tap in, doesn't matter if one small component here or there is plaintext or not.

    From the router to any web server is another matter, then you want HTTPS or VPN or whatever else is pertinent, again, so one doesn't have to worry about any sub portion being in the clear or not.

    Local encryption/security for something isolated like SMB logon is then only a concern with other parties who you know are using the same local network as you are, which might be a business or other family members or flatmates. If that's the question here then, I dunno about that specifically.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •