Can Avast protect devices still using SMB1 protocol

[surfing69]

I want to add an ext USB HDD to the back of my Huawei HG635 router. However whilst the router can see this drive, my PC cannot. It transpires that the Router uses SMB1 protocol which has been disabled automatically by Windows 10. Once I re-enabled it, i could now see and share the HDD in 'The PC'.

However i have become aware that SMB1 poses a high security risk as it is vulnerable to attack.  I have a private home network.

Would Avast protect me in the scenario above if i re-enabled SMB1 so that i can add a network storage drive?

[DavidR]

Given the vulnerability, also confirmed here https://nordvpn.com/blog/what-is-smb/ and perhaps why win10 disabled it.  I personally wouldn't want to use it, but that has to be your choice.

As an Avast user not Avast Team member, I can't say as to whether Avast would still protect you is dependant on said vulnerability and how it is being exploited.  Whilst the Web Shield is likely to still be scanning downloaded content, I don't know if that would extend to all devices

Given how old the SMBv1 is I would really be looking at replacing it rather than hoping Avast would protect systems/devices hanging of the router.

SMBv1 was released in 1984 by IBM for file sharing in DOS. Microsoft modified and updated it in 1990.

Where did you find that you were using SMBv1 ?

[surfing69]

Ref: 'Where did you find that you were using SMBv1 ?' I thought I answered this question  in my original post (??)

due to the issues i was having seeing (or rather not seeing) the ext USB HDD in 'My PC', i found the following blog where someone mentioned that they had to re-enable SMB1 in order to see and share the drive attached to the router

https://community.talktalk.co.uk/t5/Product-Archive/Writing-to-USB-hard-drive-connected-to-router/td-p/2292383

[DavidR]

Sorry I saw nothing that said how you confirmed that. 

"It transpires that the Router uses SMB1 protocol which has been disabled automatically by Windows 10."

I've seen nothing on my router to say what protocol is being used by my router, so I wondered how you found out.

I accessed my BT router and connected a USB stick that I had, however that isn't made apparent (or indicated anywhere in the router), it is only when I tried to connect to the router IP address I found that too is using the obsolete SMBv1 (a windows error message).  That gives a link that pulls up the link below.

https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/smbv1-not-installed-by-default-in-windows

SMBv1 is not installed by default in Windows 10 version 1709, Windows Server version 1709 and later versions

We strongly recommend that you don't reinstall SMBv1. This is because this older protocol has known security issues regarding ransomware and other malware.

Personally I'm taking that advice and I wonder if even changing my BT router or getting another one might have the same issue.

To work around this issue, contact the manufacturer of the product that supports only SMBv1, and request a software or firmware update that support SMBv2.02 or a later version. For a current list of known vendors and their SMBv1 requirements, see the following Windows and Windows Server Storage Engineering Team Blog article:

Also see - https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858

[surfing69]

this the same journey i followed .  i have 4 options

1. get a NAS
2. continue without ext network storage
3. get my isp to update the router
4. enable SMB1 and take the risk

[DavidR]

1.  Is definitely an option and you probably gain on storage levels and speed of access.
2.  Probably not what you want as you wouldn't have access.
3.  In all honesty, they are probably not going to be much help as their routers are probably built by an unknown company.
4.  Certainly not an option I would opt ofr.

[NON]

Just FYI, you can check which version of SMB you are using by:

• Launch Windows Powershell on admin privilege
• Type Get-SmbConnection while connecting to the target drive
• If Dialect column says lower than 2 (ex. 1.5) then you're on SMB1

[Asyn]

Hi, SMB filtering has been included in the latest beta.
-> https://forum.avast.com/index.php?topic=237856.0

[surfing69]

hi

so this beta version would protect against unwanted attack/hack where SMB1 is re-enabled in Windows 10 so that i can connect an external USB HDD to a router which is still using SMB1 protocol?

thanks

[Asyn]

Hi, it seems so, but feel free to test it yourself.

[surfing69]

how would one test this?

[Asyn]

how would one test this?

If you need to ask, it's better to stay away from the beta and wait for the release version.

[bob3160]

how would one test this?

If you need to ask, it's better to stay away from the beta and wait for the release version.

At which time, he would still need to test that its working to protect that drive.

[surfing69]

should i assume that it is working?

Or is there a simple test that even I could deploy?

[Asyn]

If you're interested in the feature, read/ask here: https://forum.avast.com/index.php?topic=235069.0