View Full Version : Miscellaneous smb client check Ricoh
aviso66
08-02-2021, 04:27 AM
hi
i just want to clarify if i go to telnet and check the smb version using the smb client auth.
It has 0, 1 ,2.
if it's 0 means it only supports smb version 1 and if the client auth 1 means it can support smb version 2 right?
thanks:confused:
so if the client auth can goes up to 2. does it mean it can support smb 3?
PrintWhisperer
08-02-2021, 05:35 AM
Below is my stock SMB negotiate protocol message issued by the sending device.
By performing a Wireshark capture of the Scan to folder you can examine this and see the precise list of supported dialects(‘versions’)
As you can see, your 0,1,2 most likely indicates NTLM 0.12 or SMB ‘1’ only. There is no ‘0’
https://www.copytechnet.com/forums/attachment.php?attachmentid=49616&d=1625524093
aviso66
08-03-2021, 01:55 AM
Below is my stock SMB negotiate protocol message issued by the sending device.
By performing a Wireshark capture of the Scan to folder you can examine this and see the precise list of supported dialects(‘versions’)
As you can see, your 0,1,2 most likely indicates NTLM 0.12 or SMB ‘1’ only. There is no ‘0’
https://www.copytechnet.com/forums/attachment.php?attachmentid=49616&d=1625524093
so only can use wireshark to findout the machine smb version?:confused:
PrintWhisperer
08-03-2021, 02:32 AM
If you want a definite answer in the easiest manner, yes. Obtaining the capture is easy, reading it takes practice. For this you don't even need a network TAP tool.
Download free wireshark and install it on your laptop, or if available on the computer to which the customer scans.
If laptop, give it an IP address compatible with the MFP and connect them with a network cable.
Run Wireshark and select 'Ethernet Adapter' for capture.
Initiate scan to folder operation directed to your laptop shared folder. It does not need to succeed with username and password, just to see the share and try to connect.
(The version negotiation happens before the Uname/pwd check)
Once it fails, stop the capture.
If you can post that file I'll read it for you or PM me for instructions to DIY
slimslob
08-15-2021, 12:03 AM
so only can use wireshark to findout the machine smb version?:confused:
No! You can use Web Image Monitor: Device Management - Configuration - SMB - Advanced Settings
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.
