Associate
- Joined
- 23 Nov 2005
- Posts
- 719
- Location
- Kingdom Of Fife
Hi All,
At my work we have one of these drives serving us well (2 x 2TB Reds mirrored)
Due to the recent ransom ware attacks my employer is now wanting to reconfigure the following settings through GP in Windows 10:
Disable NTLMv1 (this should be resolvable by a recent firmware update, probably not an issue on all but the oldest)
Disable LLMNR (this really shouldn’t affect the devices as they are accessed by IP or proper DNS name)
Disable SMBv1 (this should be resolvable by a recent firmware update)
Enforce SMB signing (this may be configurable in the menus of some or on a command line level by editing smb.conf file)
There is also the Windows 10 setting that is part of the Microsoft recommended baseline settings for Windows 10 called “Enable insecure guest logons”, as per the Group Policy setting description, Microsoft recommends disabling insecure guest logons. This may be resolvable via the menus or command line modification of the Samba services files. This could potentially be resolved by changing the practice of browsing for a share rather than mapping directly to an authenticated share.”
The main issue here is disabling insecure guest logons, once this is set, the drive immediately ceases to work on the network and is undiscoverable, as this is the way it likes to connect. Any way of getting the NAS drive to securely connect?
No options in the NAS GUI to do this, was hoping one of you network gurus could help. Cheers.
At my work we have one of these drives serving us well (2 x 2TB Reds mirrored)
Due to the recent ransom ware attacks my employer is now wanting to reconfigure the following settings through GP in Windows 10:
Disable NTLMv1 (this should be resolvable by a recent firmware update, probably not an issue on all but the oldest)
Disable LLMNR (this really shouldn’t affect the devices as they are accessed by IP or proper DNS name)
Disable SMBv1 (this should be resolvable by a recent firmware update)
Enforce SMB signing (this may be configurable in the menus of some or on a command line level by editing smb.conf file)
There is also the Windows 10 setting that is part of the Microsoft recommended baseline settings for Windows 10 called “Enable insecure guest logons”, as per the Group Policy setting description, Microsoft recommends disabling insecure guest logons. This may be resolvable via the menus or command line modification of the Samba services files. This could potentially be resolved by changing the practice of browsing for a share rather than mapping directly to an authenticated share.”
The main issue here is disabling insecure guest logons, once this is set, the drive immediately ceases to work on the network and is undiscoverable, as this is the way it likes to connect. Any way of getting the NAS drive to securely connect?
No options in the NAS GUI to do this, was hoping one of you network gurus could help. Cheers.