D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] windows 7 smb vulnerability

 

Simon Waters wrote:
>
> Obviously SMB2 is a lot more complex than SMTP or ESMTP, but it seems
> here that Microsoft have just screwed up big time with the
> implementation. It would be funny except in a couple of years this will
> be how most office networks "work".

I think the Checkpoint article is largely irrelevant, no sane person is
going to expose Microsoft's office networking protocols to the Internet.

The primary danger of these kinds of weaknesses is they'll be exploited
internally.

I guess if you are the kind of organisation that deploys Checkpoint
firewalls between say Office client systems and servers, it might help.

But I've never seen such an organisation, and I've seen quite a lot. I
know some such organisations exist, and it wouldn't surprise me if some
big financial institutions do that sort of thing internally (probably
mostly for monitoring).

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html