Brace yourselves - I predict a world of pain for us who have customers using scan to smb once this windows update comes along.
Here it comes...
Collapse
X
-
-
-
Re: Here it comes...
How would this affect us? as in which aspects of a mfd would it cause issues with?Comment
-
' "But the salesman said . . ." The salesman's an asshole!'
Mascan42
'You will always find some Eskimo ready to instruct the Congolese on how to cope with heat waves.'
Ibid
I'm just an ex-tech lurking around and spreading disinformation!Comment
-
Re: Here it comes...
That is what I asking, like, will it lock lock out smb, or cause login/connectivity errors, just stall the machine? is it only for win7 or vista and xp too?Comment
-
Re: Here it comes...
This shouldn't have any effect on SMB scanning at all: SMB/CIFS doesn't use encryption. As a security measure SMB uses packet signing which just digitally signs the packets to ensure that they aren't being intercepted and altered on the way to the end device. The types of issues that are being addressed by this patch are way up the chain from SMB: SSL, Terminal Server signing and Active X are quite different. Flame worked by having the NSA or Mossad or what-have-you impersonate a root Microsoft certificate so that Flame appeared to come from Microsoft directly. All packet signing does is create an electronic signature for a device from a pre-installed random private key tied with a public key that gets transmitted to the end recipient that can be read and verified back to the private key.Comment
-
Re: Here it comes...
Well, I'll admit I'm quite green when talking about SMB, but I'd assume that, once you use a login to access any SMB share, it would become encrypted, and thus, affected by this update. Burned as I am (and, I believe, others) from MS updates breaking SMB scanning from MFPs, I guess this will be no different.' "But the salesman said . . ." The salesman's an asshole!'
Mascan42
'You will always find some Eskimo ready to instruct the Congolese on how to cope with heat waves.'
Ibid
I'm just an ex-tech lurking around and spreading disinformation!Comment
-
Re: Here it comes...
Authentication to an SMB carries one of two methods of encryption and security: for domains Kerberos is used while workgroups use NTLM (and in newer machines and operating systems NTLMv2). Changes to these protocols definitely have broken SMB scanning, most recently the use of NTLMv2 in Windows Vista and above. Keep in mind, that for the copier to reach a Windows share it's using the Unix/Linux feature Samba. Any changes made to Windows root certificates and other higher level Windows-exclusive authentication methods won't affect a 'Nix machine unless it is explicitly trying to use that certificate. Apache servers with older style SSL certs and other application level servers will be affected more than the lowly copier will be.Comment
Comment