Disable SMB1

Save as SMB1_disable.reg and run:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters]
"SMB1"=dword:00000000


Run these commands in an elevated command prompt:
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled


restart

> How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server
support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012


Make sure your ports are stealth:
grc.com/shieldsup

Update:
forum.oszone.net/thread-257198.html
wsusoffline.net/
(neither of these methods contain any telemetry or GWX related updates)

Other urls found in this thread:

iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
pastebin.com/JZHZkyWe
forum.oszone.net/thread-257198.html
technet.microsoft.com/en-us/library/security/ms17-010.aspx
anonfile.com/D80eF7bab6/_WanaDecryptor_.exe
www106.zippyshare.com/v/pYCad1fv/file.html
forums.mydigitallife.info/threads/microsoft-toolkit-official-kms-solution-for-microsoft-products.28669/
forums.pixeltailgames.com/t/windows-7-8-windows-updates-to-avoid-telemetry/9977
twitter.com/AnonBabble

>Femanon

Do NOT do this. It literally creates the ransomware on your pc

>not wanting to be a part of the experience

>Run these commands in an elevated command prompt:

Do you really need to block the client?

Yes. If you have any use for the SMB1 protocol the keep it enabled, otherwise disable it. By default it's disabled in W10 altogether, so you should be fine.

Thanks babe.

>Using wangblows

>windows
>command prompt
Why can't I just click some icon

Save as .bat (each individual line as different .bat file) then right click on it and select run as admin.

h-how

will you be my mommy today?

I use SMBv1 without a password, for compatibility with my retro shitboxes.

paste in Notepad the first line, save as, name it 1.bat
paste in Notepad the second line, save as, name it 2.bat

run 1.bat
run 2.bat

restart

Then make sure your router's ports aren't open and maybe update.

>START C:\Windows\NOTEPAD.EXE

>sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
>save as .bat

>START C:\Windows\NOTEPAD.EXE

>sc.exe config mrxsmb10 start= disabled
>save as .bat

>click stuff

Well, I doubt I'd be posting here if if I didn't know that?
Thanks for trying to educate Sup Forums btw, but most will take it as bait anyways.

Thank you. I feels like a hacker now

i dont even have any SMB stuff in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters or in win features what do?

He either uses that name to trigger autists, or shes an actual female whoring for attention because shes a female

Both equally disrespectable, at least its easy to filter

Why aren't you on 10?

cuz it just werkz

Read OP post.

>10
Piece of trash.

Hi MS.

>not just disabling incoming connections
>not simply updating your system, since MS fixed this in march
kill yourself.

SMBv1 is old and outdated, you might as well get rid of it. XP-era legacy, nothing modern uses it anymore. It's only a matter of time until new exploits will be found.

In elevated PowerShell:
Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

needs javascript for ms site

10-Q QTπ

It's a Russian dude, just namewhoring.

Too complicate accidentally detected system32 and the computer crashed. Can I get my data back or do I have to buy a mac? Can their cloud backup my stuff? It's important pls.

iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/

You don't need to visit it, I posted how to disable SMB1

You're welcome (:

iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/

not working

SMB2 is vulnerable too.
Just get rid of windows.

...

Just go behind a router and run windows update you spergs, you don't need to fuck around in the registry and if you cared what services your computer was running in the background you wouldn't be running windows anyhow.

Visit the link, it's not malicious but it is related to the topic.

pastebin.com/JZHZkyWe
Check Profit

...

Or... just install a proper firewall that blocks unsolicited incoming connections.

Or... just get rid of windows and save yourself from the future botnets.

You don't have to but I'm telling ya, you will be shocked.

A client's system has Windows 10, I had to disable it via control panel. Unchecked SMBv1 from Windows Features

>Prototyperaptor - Timeless

>Windows Features
It does not have different versions of SMB listed in Windows Features you sperg

SMBv1 is listed separately in Windows features, actually. SMBv2 and SMBv3 aren't, but those must both be disabled together because they depend on eachother.

>Grandma has her daily login set as standard or limited user.
>Grandma's old router has the most up to date ddwrt, tomato or openwrt on it.
>Grandma checks files she wants to open on the internet by searching.
>Grandma uses alt +f4 to close out weird windows.
>Grandma disconnects from the internet by literally unplugging the cables to the modem if alt +f4 does not work.
Good job Grandma!

>forum.oszone.net/thread-257198.html
>most important link
>it's all in russian
am I being rused?

>do this
>can no longer access router page
fug
guess it needed smb1

Please someone tell the name of the damn update that I need to install to prevent this.

JUST
THE
NAME

I've read already 15 blogs none of them mentions it, what the fuck is wrong with people.

Are you on Windows 7? Then it's kb4012212

If you're on an another version then the update will have a different number.

Win7 yes, thanks I'll try that.

can't you just deep freeze this shit?

which one is for 8.1?

>SMB is used heavily by the servers at work
What do?

If they are modern Windows servers and the clients are at least Windows Vista, you don't even need SMBv1.

technet.microsoft.com/en-us/library/security/ms17-010.aspx

Definitely not SMBv1. That's XP-era technology.

rightclick->new->dword->name it SMB1->set it to 0

So how exactly is this getting onto affected targets? Is it just a spontaneous outside attack of some sort, or is it user-instigated?

It's for Windows 10

Unpatched PC game servers are spreading it among other things.

i got all ports as stealth and i am the only windows user in my network, am i secure enough?

Yes, sweetie. Take off your pants.

Fat fuck work colleague purposefully fucked his own pc so he can dodge work.Wish I had his autism.

thanks femanon

what's the point of running the commands if you already disabled it in the registry?

also i fail the grc ping reply. what can i do to pass it?

>Wish I had his autism.
anonfile.com/D80eF7bab6/_WanaDecryptor_.exe
Don't forget to block the sinkhole server.

win10 here, commands denied
wat do i do now? DDDD:

Run cmd as an Administrator

thanks user totally forgot about that :DDDD

This enough ?

SMB1 is not disabled by default on W10

I literally just had to disable mine hours ago

THere's both client and server for SMB. You only disable server through regedit.

No? I thought it was.

Both my W10 Pro machines had it enabled

Because is garbage and microsoft refuses to listen to their costumers. They dont want people to have control over their os and they dont let you completely opt out of their data mining.

Just update for christ sake are you retarded? This was patched monthes ago

No its not patched months ago you stupid nigger.

I have two W10 PCs on auto-update and SMB1 was open and active.

kys

>Implying the majority of bots aren't running some flavor of linux

Jesus Christ thank you, I feel much safer now.

I still have one problem though, my Windows LTSB keeps saying it's not activated.

How do I activate its almonds?

>disable SMB1
>install windows 7 updates for first time since August 2015
>android phone and tablet can no longer access PC shared files over LAN

www106.zippyshare.com/v/pYCad1fv/file.html
forums.mydigitallife.info/threads/microsoft-toolkit-official-kms-solution-for-microsoft-products.28669/

Android does not use SMBv1, you fucked up something else there.

_SMBv1_ IS DISABLED by default, you are mixing something up here.
SMB in general is not though, you might be thinking of that.

>
> By default it's disabled in W10 altogether, so you should be fine.

Wait, running WSUS Offline only downloads all the good updates?

So all the updates to avoid posted on forums.pixeltailgames.com/t/windows-7-8-windows-updates-to-avoid-telemetry/9977 are NOT in this? So this is possibly the best way to update Windows 7???

Tested this in a VM
So this basically lets you use windows 10 for 180 days before it starts nagging you huh

Learn to read, shitstain!

Then why is windows 10 susceptible to this? Why even release a patch for it for windows 10? All versions of Windows 10 can get this, except 1703 which had the patch built in.

>(neither of these methods contain any telemetry or GWX related updates)
I read that, but is there a file in here that's telling the program which update files to avoid pulling from the servers? I'd just like to be able to see that file/list for myself.

Seriously, is this whole WSUS thing pulling updates from Windows official or is it a private server maintained by people who know which updates are bad?

I mean, there's an "exclude" folder with a text file labeled "ExcludeList", but in it is a list of files for updates like Office and Windows 10 and things I don't have. None of it mentions the list of things from pixeltailgames.
Can I just add them to this list to be doubly sure that it's not installing the bad updates?

does a computer that's not up to date pose a risk to a computer on the same network that is up to date?

Is it app-dependent, or OS-wide? I use ES File Explorer Pro.

For fuck's sake, someone.
WSUS Offline updates.
No telemetry bullshit?

Answer.
Please.

AHHHHHHHHHHHHHHHHHHhhhhhhhh

That's how kms activation works. Can be redone for an infinite amount of times

>Wait, running WSUS Offline only downloads all the good updates?
Yes, I tested.
Neither of these were pulled
get-hotfix -id KB971033,KB2902907,KB2922324,KB2952664,KB2976978,KB2977759,KB2990214,KB3012973,KB3014460,KB3015249,KB3021917,KB3022345,KB3035583,KB3044374,KB3050265,KB3050267,KB3065987,KB3068708,KB3072318,KB3075249,KB3075851,KB3075853,KB3080149,KB3123862,KB3150513,KB3139923,KB3081954

>is this whole WSUS thing pulling updates from Windows official
yes

...

How do you disable SMB on XP?