SMB/CIFS aka “Windows Filesharing”
Jan 2020: Due to the recent Ransomware attack which affected the School of SEMS, as a precautionary action we have DISABLED access via the SMB/CIFS protocol to group shares on the staff login-server ‘frank’, from the following networks:
- Eduroam (Wifi)
- EECS Self-Managed
- ITS Self-Managed
- VPN
- Out-of-campus (Internet)
Access to group shares on frank is only allowed over the SSH or sFTP protocol on port 22, using one of the recommended software here: SFTP (Secure FTP)
Why did we do that?
Recent malware and ransomware attack vectors can affect, not only a personal client device, but also any network shares attached to them via SMB protocol. Blocking group shares over SMB protocol and using the SSH/sFTP protocol instead, reduces -if not eliminates- the security risks from any infected self-managed devices to also attack any Staff/Research group shares on the staff fileserver.
Recent malware and ransomware attack vectors can affect, not only a personal client device, but also any network shares attached to them via SMB protocol. Blocking group shares over SMB protocol and using the SSH/sFTP protocol instead, reduces -if not eliminates- the security risks from any infected self-managed devices to also attack any Staff/Research group shares on the staff fileserver.
If you still need to read the old guide for SAMBA for personal usage, you can find it here: http://support.eecs.qmul.ac.uk/services/smb-cifs-deprecated/