ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Is SMB 1.0 more vulnerable at the client level or server level

    Scheduled Pinned Locked Moved IT Discussion
    122 Posts 11 Posters 7.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @DustinB3403
      last edited by

      @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

      I'd assume that the drivers for this camera are just built for a 32-bit system. I'd not be surprised if the camera didn't actually work with Windows 10.

      They easily don't, but they easily do. Windows 10 32bit is one option. Seems like it would be worth testing.

      1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch @scottalanmiller
        last edited by

        @scottalanmiller said in Is SMB 1.0 more vulnerable at the client level or server level:

        You can attempt to run Windows 10 and connect the camera and see if you can trick it into thinking that it is Windows XP, for example. Might not work, but probably worth trying.

        This is the best idea, as there is not point in even trying to do this with Windows 7 since it is also about out of support, and thus also a HIPAA non-compliant issue.

        I've made a number of shit ass software products work on Windows 10 over the years with the help of compatibility mode.
        0d8d77aa-5bcf-4a56-8f46-4e13efc6961b-image.png

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          Yeah, Windows 10 32bit (we are assuming 32bit XP as 99% of installs were) + XP Compatibility has a really decent chance of working.

          1 Reply Last reply Reply Quote 0
          • JaredBuschJ
            JaredBusch @DustinB3403
            last edited by

            @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

            @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

            @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

            But they have a printer attached to this system, I assume this is USB as well, right? Or is this system already networked?

            No one said that. you are conflating everything worse than @Dashrender. Stop assuming shit, and spam replying with no useful info.

            @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

            Current process is that they print all images and then scan them in. I was just looking to save some steps but not cause a security issue for them.

            Suck it.

            Read more slowly. They print the images. They scan the printed images in.

            Nothing in there states the images come from this system, that was bought for the camera, not for the printing.

            DustinB3403D 1 Reply Last reply Reply Quote 0
            • DustinB3403D
              DustinB3403 @JaredBusch
              last edited by

              @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

              @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

              @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

              @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

              But they have a printer attached to this system, I assume this is USB as well, right? Or is this system already networked?

              No one said that. you are conflating everything worse than @Dashrender. Stop assuming shit, and spam replying with no useful info.

              @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

              Current process is that they print all images and then scan them in. I was just looking to save some steps but not cause a security issue for them.

              Suck it.

              Read more slowly. They print the images. They scan the printed images in.

              Nothing in there states the images come from this system, that was bought for the camera, not for the printing.

              How do you think they are printing the images? Using a USB drive to grab the files from this XP workstation first? We all know that USB drives are a massive HIPAA no-no.

              So @syko24 how are they printing these images?

              syko24S 1 Reply Last reply Reply Quote 0
              • syko24S
                syko24
                last edited by

                So if it were possible to upgrade to 10, I would have to first upgrade to 7 and then upgrade to 10 correct? I can't remember if XP to 7 required a clean install.

                1 Reply Last reply Reply Quote 0
                • syko24S
                  syko24 @DustinB3403
                  last edited by

                  @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                  @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                  @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                  @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                  @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                  But they have a printer attached to this system, I assume this is USB as well, right? Or is this system already networked?

                  No one said that. you are conflating everything worse than @Dashrender. Stop assuming shit, and spam replying with no useful info.

                  @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                  Current process is that they print all images and then scan them in. I was just looking to save some steps but not cause a security issue for them.

                  Suck it.

                  Read more slowly. They print the images. They scan the printed images in.

                  Nothing in there states the images come from this system, that was bought for the camera, not for the printing.

                  How do you think they are printing the images? Using a USB drive to grab the files from this XP workstation first? We all know that USB drives are a massive HIPAA no-no.

                  So @syko24 how are they printing these images?

                  USB printer directly attached

                  DustinB3403D 1 Reply Last reply Reply Quote 1
                  • DustinB3403D
                    DustinB3403 @syko24
                    last edited by

                    @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                    @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                    @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                    @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                    @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                    @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                    But they have a printer attached to this system, I assume this is USB as well, right? Or is this system already networked?

                    No one said that. you are conflating everything worse than @Dashrender. Stop assuming shit, and spam replying with no useful info.

                    @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                    Current process is that they print all images and then scan them in. I was just looking to save some steps but not cause a security issue for them.

                    Suck it.

                    Read more slowly. They print the images. They scan the printed images in.

                    Nothing in there states the images come from this system, that was bought for the camera, not for the printing.

                    How do you think they are printing the images? Using a USB drive to grab the files from this XP workstation first? We all know that USB drives are a massive HIPAA no-no.

                    So @syko24 how are they printing these images?

                    USB printer directly attached

                    SUCK IT! @JaredBusch

                    BAM!

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @DustinB3403
                      last edited by

                      @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                      @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      But they have a printer attached to this system, I assume this is USB as well, right? Or is this system already networked?

                      No one said that. you are conflating everything worse than @Dashrender. Stop assuming shit, and spam replying with no useful info.

                      @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                      Current process is that they print all images and then scan them in. I was just looking to save some steps but not cause a security issue for them.

                      Suck it.

                      Read more slowly. They print the images. They scan the printed images in.

                      Nothing in there states the images come from this system, that was bought for the camera, not for the printing.

                      How do you think they are printing the images? Using a USB drive to grab the files from this XP workstation first? We all know that USB drives are a massive HIPAA no-no.

                      So @syko24 how are they printing these images?

                      USB printer directly attached

                      SUCK IT! @JaredBusch

                      BAM!

                      Don't be a dick. You assumed, I did not.

                      DustinB3403D 1 Reply Last reply Reply Quote 0
                      • DustinB3403D
                        DustinB3403 @JaredBusch
                        last edited by

                        @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                        Don't be a dick. You assumed, I did not.

                        I assumed correctly based on common knowledge about HIPAA. You assumed some magic was occurring for them to get the files off of this XP system to something that can print.

                        JaredBuschJ 1 Reply Last reply Reply Quote 0
                        • 1
                          1337
                          last edited by 1337

                          I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                          I didn't read the entire thread but best practice for the above is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                          So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                          JaredBuschJ scottalanmillerS 2 Replies Last reply Reply Quote 1
                          • JaredBuschJ
                            JaredBusch @1337
                            last edited by

                            @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                            I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                            Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                            So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                            Does not solve the need for SMB1

                            syko24S 1 Reply Last reply Reply Quote 3
                            • JaredBuschJ
                              JaredBusch @DustinB3403
                              last edited by

                              @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                              @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                              Don't be a dick. You assumed, I did not.

                              I assumed correctly based on common knowledge about HIPAA. You assumed some magic was occurring for them to get the files off of this XP system to something that can print.

                              No, there are all kinds of machines in medical that print images that need subsequently scanned. You made a wild assumption and got lucky.

                              1 Reply Last reply Reply Quote 0
                              • syko24S
                                syko24 @JaredBusch
                                last edited by

                                @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                                @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                Does not solve the need for SMB1

                                Just thinking about it, what if FTP were an option?

                                1 scottalanmillerS DustinB3403D 3 Replies Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @1337
                                  last edited by

                                  @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                  I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                  I didn't read the entire thread but best practice for the above is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                  So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                  That works for general security, but HIPAA doesn't allow for it even when done "well".

                                  1 1 Reply Last reply Reply Quote 0
                                  • 1
                                    1337 @syko24
                                    last edited by

                                    @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                                    @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                                    @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                    I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                    Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                    So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                    Does not solve the need for SMB1

                                    Just thinking about it, what if FTP were an option?

                                    or SFTP or FTPS.

                                    1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @syko24
                                      last edited by

                                      @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                                      @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                                      @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                      I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                      Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                      So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                      Does not solve the need for SMB1

                                      Just thinking about it, what if FTP were an option?

                                      Solves the SMB 1 issue which is not the real issue. Does not solve the Windows XP connected to another device issue that causes your HIPAA violation.

                                      FTP would be "better", but not enough better to actually matter.

                                      1 Reply Last reply Reply Quote 0
                                      • DustinB3403D
                                        DustinB3403 @syko24
                                        last edited by

                                        @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                                        @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                                        @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                        I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                        Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                        So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                        Does not solve the need for SMB1

                                        Just thinking about it, what if FTP were an option?

                                        Still would be a HIPAA violation. As that would be an relatively uncontrolled means of egress for the files.

                                        syko24S 1 Reply Last reply Reply Quote 0
                                        • 1
                                          1337 @scottalanmiller
                                          last edited by

                                          @scottalanmiller said in Is SMB 1.0 more vulnerable at the client level or server level:

                                          @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                          I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                          I didn't read the entire thread but best practice for the above is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                          So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                          That works for general security, but HIPAA doesn't allow for it even when done "well".

                                          Ah, that's too bad.

                                          1 Reply Last reply Reply Quote 0
                                          • syko24S
                                            syko24 @DustinB3403
                                            last edited by

                                            @DustinB3403 said in Is SMB 1.0 more vulnerable at the client level or server level:

                                            @syko24 said in Is SMB 1.0 more vulnerable at the client level or server level:

                                            @JaredBusch said in Is SMB 1.0 more vulnerable at the client level or server level:

                                            @Pete-S said in Is SMB 1.0 more vulnerable at the client level or server level:

                                            I have dealt with these kind of system many times - systems that can't be upgraded or can't be made to support newer protocols.

                                            Best practice is to isolate them from the network as much as possible and whitelist IP's that are allowed access.
                                            So I suggest sticking the camera and XP behind a hardware firewall and set up rules for what ports are allowed to be accessed from what IP addresses. I'm sure you can close it down a lot.

                                            Does not solve the need for SMB1

                                            Just thinking about it, what if FTP were an option?

                                            Still would be a HIPAA violation. As that would be an relatively uncontrolled means of egress for the files.

                                            So really the answer is that XP on any network no matter how segregated is not doable.

                                            scottalanmillerS 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 3 / 7
                                            • First post
                                              Last post