Smb1 Windows 10 Disable
SMBv1 is an outdated protocol that is attacked by ransomware viruses, such as WannaCry. Consider how to disable the SMBv1 protocol in Windows and completely block it.
Why do you need SMBv1 support on Windows?
SMBv1 is an obsolete file sharing protocol that is around 30 years old. In this connection, various types of viruses can be used, like a gate that provides access to our computer. A sensational confirmation of this is the WannaCry ransomware virus, which infected tens of thousands of operating systems, encrypted files on them and demanded payment for decrypting the data.
Problems could have been avoided if the protocol had been turned off on the computer. And yet, it is worth turning it off. Despite the fact that Microsoft has released patches to fix the vulnerability even for older systems, it is not known that after a while one more iteration of the WannaCry virus, which uses the leaky SMBv1 protocol in another way, will not appear. Consider how to completely disable the protocol in Windows XP, 7, 8, 8.1, and 10?
Shutting down SMBv1 on Windows 7, Server 2008, Server 2008 R2
Open the Start menu, and then use the search engine to find PowerShell. In the list of search results, right-click on it and select “run as administrator”.
In the PowerShell window, enter the following command to disable SMBv1:
Set-ItemProperty.Path “HKLM: \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters” SMB2.Type DWORD.Value 0.Force
After executing the command, restart Windows. Thus, it is possible to block the penetration of viruses by completely disabling smbv1 support.
Shutting down SMBv1 on Windows 8 and above
Go to the Control Panel, and then in “Programs. Removing Programs.” A list of programs installed on the system opens. In the left menu, click on the “Enable or Disable Windows Components” button.
A window will appear in which we will be able to manage individual Windows functions. Here you need to find SMBv1 and disable it.
Support for file sharing SMB1.0 / CIFS
By default, a check mark is set next to this entry, which means that the function is activated. Remove it and click on OK to disable it.
The progress indicator for turning off the function appears. Then click on the “Reboot” button to complete the shutdown by restarting the computer. After the reboot, the protocol will be completely disabled.
Additional port blocking with a firewall
If you want to protect yourself even more, a good idea is to block the ports that SMBv1 uses. These are 445 TCP and 137-139 UDP. They can be easily disabled using the built-in firewall.
Using System Search, on the Start menu, locate the Windows Firewall tool. In the firewall window, right-click on the “Rules for incoming connections” field and select “New Rule”.
Enter the type “Port” here and click “Next”. In the next step, you need to specify the type. Select TCP, and then in the Defined Local Ports field, enter 445.
Click on the “Next” button. In the next window, select the action with the specified port. Check the box next to “Block connection.”
Click “Next” and leave all other settings unchanged. In the last step, enter a name for the created rule. for example, “Block 445” and click “Finish”.
The created rule will block port 445. Now create a rule to block UDP ports in the range 137-139. Do everything the same way, just type in UDP, and enter 137-139 in the “Defined Local Ports” field.
Thus, two rules have been created that block the connection on the ports and thereby virus attacks that penetrate this protocol.