NAS mounting issues (SMBv1 vs SMBv2)

I have this very old Cisco NAS and today when my wife wanted to connect to it the connection got refused by her computer. The reason for this is that this NAS uses the SMBv1 protocol, whereas Microsoft has disabled everything below SMBv2 due to security concerns.
What do you guys consider the best approach in solving this? While it might be straightforward to enable/install SMBv1 support, I fear the repercussions. Are there any other, safer, ideas? I could also mount the NAS through a spare Raspberry Pi, that uses a more advanced protocol.

There are no repercussions on your LAN behind a NATted firewall, just use SMBv1.

1 Like

Right now, I don’t have a dedicated firewall (like pfSense for instance) running. (But I think you mean that as long as my NAS is not reachable on the Internet, which it isn’t, I should be fine).
When browsing over the description of SMBloris - which probably caused this deactivation - it seems as if this is of more concern to the server, than to the client side.

Unless your laptop gets malware on it and you connect it to your network.

1 Like

In which case you’re screwed anyway, as the laptop will be authenticated to the NAS.

1 Like

Well, thanks to both of you :wink:

@Eden Do you have a better idea? Or do I just have to live with the consequences (or purchase a new NAS)?

Yes, though that would only give you access to the part of the nasty yours authenticate to, if your automatically authenticated to it.

You just need to be aware of the risks. It’s likely that your NAS has other vulnerabilities given that it probably isn’t supported any more. If you are careful with how you use your devices, keep your systems up to date, and are sensible on the internet, and the data on your NAS isn’t vital then you can probably just keep going on as usual (assuming SMBv1 can even be enabled anymore).

An option might be to mount the NAS as a iSCSI drive if it support that. Windows also supports NFS directly, you could try this (the feature needs to be turned on, it might be windows version dependant).

It’s probably worth looking at replacing the NAS at some point in the future just so you can have something that’s supported if nothing else, SMB probably isn’t its only problem.

1 Like

Yeah, I know. It was already pretty old when I purchased it, but I got ir rather cheap (had to pay a pizza :smiley: )

Windows 10 will still allow you to enable SMBv1, it’s just turned off by default. I use it myself because Kodi doesn’t support SMBv2/3 properly on android yet.

One option without SMB1 could be to connect through the IP of the NAS, like “\192.168.1.100” or whatever it might have. I have an old QNAP HS-210 that I use like that, which only sports SMB1.

My recommendation:
Update your NAS.

If it is still running SMB1 and can not support SMBv2 clients and there are no updates for it there are likely a host of other security problems with it.

That and the fact that hardware that old is likely due for failure soon anyhow.
Plan for its death/retirement.

edit:
yes yes you can probably enable smbv1. for now. but that’s always going to be more risky than replacing the EOL device.

This is exactly why I recommend using a Linux distribution like Sues Linux Enterprise or better even yet Red hat Enterprise Linux as they are Based out of Raleigh Drum north Carolina , USA as a server distribution fior any mission critical servers as the old FOSS community saying goes More eyes on the code equals better response time and bug patching.