Отключение SMB 1.0 на стороне сервера

Отключение SMB 1.0 на стороне сервера

Протокол SMB 1.0 может быть отключен как на стороне клиента, так и на стороне сервера. На стороне сервера протокол SMB 1.0 обеспечивает доступ к сетевым папкам SMB (файловым шарам) по сети, а на стороне клиента – нужен для подключения к таким ресурсам.

С помощью следующей команды PowerShell проверим включен ли протокол SMB1 на стороне сервера:

Get-SmbServerConfiguration

Как вы видите, значение переменной EnableSMB1Protocol = True.

Итак, отключим поддержку данного протокола:

Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

И с помощью командлета Get-SmbServerConfiguration убедимся, что протокол SMB1 теперь выключен.


Чтобы полностью удалить драйвер, обрабатывающий доступ клиентов по протоколу SMB v1, выполните следующую команду:

Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -Remove

Осталось перезагрузить систему и убедиться, что поддержка протокола SMB1 полностью отключена.

Get-WindowsOptionalFeature –Online -FeatureName SMB1Protocol

Отключение SMBv1

Совет. Прямые ссылки на патчи для исправления уязвимости под снятые с поддержки системы:

Windows XP SP3 x86 RUS — http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-rus_84397f9eeea668b975c0c2cf9aaf0e2312f50077.exe

Windows XP SP3 x86 ENU — http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe

Windows XP SP2 x64 RUS — http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

Windows XP SP2 x64 ENU — http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

Windows Server 2003 x86 RUS — http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-rus_62e38676306f9df089edaeec8924a6fdb68ec294.exe

Windows Server 2003 x86 ENU — http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-enu_f617caf6e7ee6f43abe4b386cb1d26b3318693cf.exe

Windows Server 2003 x64 RUS – http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-rus_6efd5e111cbfe2f9e10651354c0118517cee4c5e.exe

Windows Server 2003 x64 ENU — http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

Windows 8 x86 — http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x86_a0f1c953a24dd042acc540c59b339f55fb18f594.msu

Windows 8 x64 — http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x64_f05841d2e94197c2dca4457f1b895e8f632b7f8e.msu
Отключение SMB v 1.0

Простым и действенным способом защиты от уязвимости является полное отключение протокола SMB 1.0 на клиентах и серверах. В том случае, если в вашей сети не осталось компьютеров с Windows XP или Windows Server 2003, это можно выполнить с помощью команды

dism /online /norestart /disable-feature /featurename:SMB1Protocol

для Win 8 в PowerShell:
Set-SmbServerConfiguration -EnableSMB1Protocol $false

для Win 7.
Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1 -Type DWORD -Value 0 -Force

PART 1: Remove a Specific Built-in App in Windows 10

PART 1: Remove a Specific Built-in App in Windows 10

You can take help of Get-AppxPackage and Remove-AppxPackage commands to uninstall/remove built-in apps in Windows 10.

Get-AppxPackage command can be used to get a list of all installed modern apps in your computer. Remove-AppxPackage command is used to remove an app from Windows 10 computer.

If you want to remove an app, these commands will require an essential information about that app i.e. PackageFullName (the full package name of the modern app).

So first we’ll need to get the PackageFullName of our desired modern app which we want to remove from our computer.

1. Just run following command in PowerShell to get a list of all installed apps:

Get-AppxPackage

This command will output a long list of all installed apps containing lots of information about each app. But we only need the PackageFullName information of our desired app, so run following filtered command:

Get-AppxPackage | Select Name, PackageFullName

This command will show only the name of the app and its PackageFullName information. Now the output will be easy to read and understand.

2. Now select the PackageFullName information of your desired app and press Enter key to copy it to clipboard.

3. Now to remove the app from your computer, you’ll need to run following command:

Get-AppxPackage PackageFullName | Remove-AppxPackage

In above mentioned command, replace PackageFullName with the copied information from step 2. You can also take help of wildcards (such as *) to make the PackageFullName parameter easy to type.

For example, if you want to remove 3DBuilder app, the command to remove it will be as following:

Get-AppxPackage *3dbuilder* | Remove-AppxPackage

Remove All Built-in Apps in Windows 10

PART 2: Remove All Built-in Apps in Windows 10

If you want, you can uninstall all built-in modern apps in a single step using following command:

Get-AppxPackage | Remove-AppxPackage

The above mentioned command will uninstall the apps from your current user account only.

Command to uninstall all built-in apps for all user accounts:

Get-AppxPackage -allusers | Remove-AppxPackage

Command to uninstall all built-in apps for a particular user account:

Get-AppxPackage -user username | Remove-AppxPackage

NOTE: We’ll not advise you to uninstall all built-in apps using these commands as it may break some functionality of Windows 10 OS. Also you may not be able to restore all modern apps in future.

You cannot turn on Network Discovery in Network and Sharing Center

Resolution
To resolve the issue, follow these steps:

Make sure that the following dependency services are started:
DNS Client
Function Discovery Resource Publication
SSDP Discovery
UPnP Device Host

Configure the Windows firewall to allow Network Discovery. To do this, follow these steps:

Open Control Panel, click System and Security, and then click Windows Firewall.
In the left pane, click Allow an app or feature through Windows Firewall if you are running Windows Server 2012. Or, click Allow a program or feature through Windows Firewall if you are running Windows Server 2008 or Windows Server 2008 R2.
Click Change settings. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Select Network discovery, and then click OK.

Configure other firewalls in the network to allow Network Discovery.
Turn on Network Discovery in Network and Sharing Center.

Posts navigation

1 2 3 4 5 6 9 10 11
Scroll to top