There's a WannaCry exploit for Linux

1 Like

Hmmm...This explains the Samba update that came up yesterday...I was wondering about how much of a coincidence that was what i saw the update considering recent events.

What nobody is talking about here is that nt pipe support was originally a developer debug option for windows NT named IPC$ pipes support.

And according to the book, and I quote, "Should never be changed"
The fun begins when one starts to ask why a debug option (a non-essential one at that) was defaulted to being enabled and explicitly stated as not needing to be changed. Thought for the day.

https://books.google.com/books?id=MFgq3fx_doAC&lpg=PA564&ots=QpiypXGQDD&dq=nt%20pipe%20support%20samba&pg=PA564#v=onepage&q=nt%20pipe%20support%20samba&f=false

5 Likes

How did you get samba to update. I am using Linux Mint 18.0 and am currently running samba 4,3.11 I want to be running at least samba 4.6.10. I did a Google search to try figure out how to do that, but Google search only brought up web sites that gave too little information or just confused me.

It just came up in the update manager...I did nothing...I am actually running mint 18.1.

It was patched by ubuntu specifically. The samba version running is the ubuntu 16.04 one. It was patched for the vulnerability without updating the version.

If you want an updated version of samba you have to find a latest version PPA and add it.

Thanks for the information, I am currently in the process of removing Linux Mint. and then I will be installing Centos 7. The reasons I am installing Centos 7 are two fold, first since Centos is maintained by Red Hat it updates more frequently, Second I have to get a certain Red Hat certification for work. Where I work they are slowly switching from Windows 8.1 to Red Hat Enterprise. They just signed a contract with Red Hat to help maintain their product, and I was the first victim chosen to make the switch from Windows 8.1 to a Linux distro supported by Red Hat cold turkey. I anticipate many days of swearing and pulling out my hair, lucky I have a privet office so I shouldn't disturb my fellow coworker too much.

1 Like

No its not, its maintained by the Red Hat community. But still very good though.

I know it isn't maintained by Red Hat, but it is basically the same as Red Hat, while my office computer will have Red Hat Enterprize on my home laptop, I will have Centos 7 installed. I am too cheap to pay Red Hats yearly subscription.

I'm guessing that my NAS is affected and will go unpatched by netgear.

Looks like I'll be taking that off line...

The main difference here is SMB is installed and turned on by default in Windows but in an Linux distro you have to install samba yourself.

You also have to meet the following conditions

1) Make file and printer sharing port 445 reachable on the Internet
2) Configure shared files to have write privileges
3) Use known or guessable server paths

Samba is not installed on any of my boxes.

1 Like

I have a NAS/Server hooked up to a VPN tunnel, and even though it does get updates, and the VPN provider blocks port 445, it was still overdue to block all incoming ports except from local IP's.

Would you, or anyone, review whether this is the right configuration. My interfaces are enp4s0,lo, andtun0 for the VPN.

Used this command.
sudo ufw deny in on tun0
Found out neither samba nor ssh worked on LAN (might have something to do with the kill switch?), even though it was specified to only be on the tun0 interface. So allowed all LAN IP's, with:
sudo ufw allow from 192.168.1.0/24

Which results in this sudo ufw status

To                         Action      From
-----------------------------------------------------
Anywhere on tun0           DENY        Anywhere                  
Anywhere                   ALLOW       192.168.1.0/24            
Anywhere (v6) on tun0      DENY        Anywhere (v6)

Is is safe?