by nullValue 3321 days ago
Has anyone read any article on how this vulnerability is spreading via SMB V1? With the Robert Morris worm/I Love you/Conficker we knew exactly how the worm spread.

From a programmer's perspective, what is this thing doing? Is there an nmap filter to find vulnerable clients yet? If not, how do I create one? I'd like to be proactive with my current customers' concerns.

Thanks,

2 comments

It uses a buffer overflow in the SMBv1 message block to.

Effectively, to filter it you need to block all SMBv1 packets, which you should do already because the modern SMB is v3.

Let alone you shouldn't be listening for AD management commands from the wide internet.

When those hit, you probably read about it on Slashdot and heard something on the late-night news.

Now you get noise coverage everywhere.
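
An added example, not part of the thread or any commenter's code: the comment above recommends blocking all SMBv1 packets, and this sketch shows how a filter can tell SMBv1 from SMB2/3 on TCP/445 by the 4-byte protocol ID that opens each message. The frames are constructed samples and the function names are hypothetical.

```python
import struct

# Protocol IDs that open every SMB message, right after the transport header.
MAGIC = {
    b"\xffSMB": "SMB1",
    b"\xfeSMB": "SMB2/3",
    b"\xfdSMB": "SMB3 encrypted",
    b"\xfcSMB": "SMB3 compressed",
}
SMB1_COM_NEGOTIATE = 0x72  # first command a client sends when it speaks SMBv1


def classify(payload: bytes) -> str:
    """Classify one TCP/445 payload (Direct TCP transport) by SMB family."""
    if len(payload) < 8:
        return "too short"
    # Direct TCP header: one zero byte, then a 3-byte big-endian length.
    if payload[0] != 0x00:
        return "not a session message"
    length = struct.unpack(">I", payload[:4])[0]  # top byte is 0 here
    if length < 4:
        return "too short"
    return MAGIC.get(payload[4:8], "unknown")


def should_block(payload: bytes) -> bool:
    """Policy from the comment: drop anything that is SMBv1."""
    return classify(payload) == "SMB1"


def is_smb1_negotiate(payload: bytes) -> bool:
    """True for an SMBv1 NEGOTIATE, useful for logging which hosts still try v1."""
    return should_block(payload) and len(payload) > 8 and payload[8] == SMB1_COM_NEGOTIATE


def frame(body: bytes) -> bytes:
    """Wrap a message in the Direct TCP header (valid while len(body) < 2**24)."""
    return struct.pack(">I", len(body)) + body


# Constructed sample frames: headers only, zero-filled, no real traffic.
SMB1_NEG = frame(b"\xffSMB" + bytes([SMB1_COM_NEGOTIATE]) + bytes(27))
SMB2_NEG = frame(b"\xfeSMB" + struct.pack("<H", 64) + bytes(58))

if __name__ == "__main__":
    for name, pkt in (("smb1", SMB1_NEG), ("smb2", SMB2_NEG)):
        print(name, classify(pkt), "BLOCK" if should_block(pkt) else "allow")
```

Logging the source address of every frame where `is_smb1_negotiate` is true gives an inventory of clients that still need SMBv1 disabled before the block is enforced.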