by vmp 3319 days ago
I've been wondering since this began, is there any reason as to why someone would open up their file server/shares to the internet? I remember reading somewhere that SMB wasn't designed for WANs and seems like a terrible choice to put on the internet (even without the security risk).
3 comments

You have a corporate network which has SMB everywhere (as it's Windows-based). You have 1 of your 10,000 users run "funnyscreensaver.exe", and before you know it your entire network is infected -- doesn't matter that your firewall blocks incoming or outgoing 137/139/445 - or even if it's an isolated network without even NAT capability.
People have been using the internet to share files for a long time, it's one of the most common things people want to do.

If the SMB implementations in Windows and Samba had been done with due attention to security requirements of networked software, it wouldn't be especially risky either.

Nobody does. These things are all about old enterprise apps and pirated Windows.

In a very large network that I'm familiar with, we killed SMB1 globally to mitigate exposure, and in the process killed a bunch of apps.