ANTI-HACK, Redirect vulnerability to SMB

Hello friends, today we will solve the problem with the "Redirect to SMB" vulnerability that was discovered a few days ago and that affects all versions of Windows, including Windows 10.
Vulnerability in Windows applications based on naivety, which will soon feel to log SMB server. At that time data logging are spit out, where the attacker intercepts them for later decryption.
Warning!
Redirect to SMB is a vulnerability that affects many applications and even antivirus programs.
Some examples:
Adobe Reader, Apple QuickTime and Apple Software Update, Internet Explorer, Windows Media Player, Excel 2010, Symantec's Norton Security Scan, Free AVG, BitDefender Free, Comodo Antivirus, Box Sync, TeamViewer, etc.
Perhaps the Microsoft will fix this vulnerability (Redirect to SMB) soon, unfortunately only those with legal Windows will receive this patch.
Those with pirated Windows will have to manually make some settings in the firewall to stop SMB traffic to the outside.
SMB ports are TCP and TCP 139 445.
More details can be found on Redirect to SMB cylance.com blog



Related Tutorials


About Cristian Cismaru

I like everything related to IT&C, I like to share the experience and information I accumulate every day.
Learn as you learn!

Comments

  1. caisinDonici said

    for those with wind. pirated to many will not work these settings, because the firewall is off from the "factory" and when you start it gives you the error 0x80070422

    • talking nonsense. most pirated Windows sites are not changed.
      Windows does not have a lot of people changed sites are not at all popular torrent sites, all looking for the original, unmodified. Only that makes it different is activated from the original, from Microsoft.

  2. caisinDonici said

    I also found the solution, it was stopped from "services" to be put on the machine

  3. Thank you "learn"

  4. Thank you very much Cristi, live

  5. unVizitator said

    I think the problem is still not solved .. deorece firewall port from Samba (smb) as those of apache servers, ftp, ssh can be changed. .. it's just a temporary solution must be found another solution to this security bag

  6. I follow many years video tutorials made by you and take this opportunity to mulţumesc.Eu I avast firewall and the Windows dezactivat.Am I checked the firewall settings of avast and noticed that comes already set with blocking these ports TCP and TCP 139 445.Deci it seems that this vulnerability in avast know before.

    • Yes, probably made by a patch update. About this vulnerability was only a few days ago.

      • Costelina said

        Cristi welcome
        My hunch is that only Windows Windows 8 8.1 10 not know it would be possible vulnerability as we have shown in this tutorial that I found in Windows 7 and remote settings every time you turn off and stop the services and remote (pc manage)
        Windows 8 times I found these settings (or maybe I did not know them yet keep looking a not quit)
        Again we all know that Windows comes with 8 Metro interface and there really a suspect be possible vulnerability for all applications in Metro with PC startup automatically logs
        to almost forgot, I met a cuidatenie so when I open a Word document is online and asking me username password settings but I had done what I have listed above in Windows7
        I guess if it does not make them automatically sign?
        thank you

  7. constant said

    Excellent!

  8. I have a Zyxel NSA320S enabled SMB server, is there any danger?

  9. these ports have been in trouble for many years. it's been discovered for a long time. with exploits on 445 one enters immediately. with activity registration with everything. is solved with Windows Worms Doors Cleaner. (it had a dedicated menu… as good as it could be from the firewall).
    the problem has calmed down since they put upc / rtc - modem and since most have routers.
    few cases when the cable net's directly in PC. now go through modems / routers. which routereaza public ip and not in bridge. Not to mention how frequently changing public IPs assigned by your ISP.
    So: problem solved about itself.

    more current problem would be mounted ont rds sites.
    I have not yet. I understood that the user has full access their menu.
    there would be 2 accounts: user - limited in settings, and admin - to which rds does not give the password to the subscriber. must be stolen from the ont configuration. I'm really sorry they haven't set it up yet and I'm going to fight it. 🙂
    who has to make a tutorial.

  10. Yes, according to user stefan, ONT subject is topical! RCS-RDS began installing such equipment! I already have an ONT but do not know how it can be accessed! Maybe need a tutorial ONT, fiber optics, etc.!

  11. Sebastian Remus said

    Thank you very much for everything! (Y)

  12. We welcome! For Cristian Cismaru, I would like an opinion: I am interested in a mini pc with android to connect to TV, but have not really found any suggestions or recommendations on the net. I saw that you made a tutorial a while ago, but I find topped model, as others have emerged more powerful. He drew attention to the following: minix neo x8h addition, Orion tronsmart r28 meta and meta aw80 tronsmart draco. As specifications are relatively similar, but the prices there are differences. Mention that use a smart LED TV and a gigabit router FiberLink 200 subscription. Thanks in advance.

    • If the specifications and quality are somewhat similar, you can choose from price and accessories.
      Whatever you choose, there are good tools.

      • We welcome! For Cristian Cismaru, I would like an opinion: I am interested in a mini pc with android to connect to TV, but have not really found any suggestions or recommendations on the net. I saw that you made a tutorial a while ago, but I find topped model, as others have emerged more powerful. He drew attention to the following: minix neo x8h addition, Orion tronsmart r28 meta and meta aw80 tronsmart draco. As specifications are relatively similar, but the prices there are differences. Mention that use a smart LED TV and a gigabit router FiberLink 200 subscription. Thanks in advance.

  13. Thanks for the tutorial and Happy New Year to all named after St. George!

  14. yeah that your Windows is usually full of vulnerabilities. As I said again use Linux and you will be exempt from viruses or vulnerabilities. linux is just a few critical vulnerability has no further update to resolve small problems occur on Linux compared to windousu which appear mair intrzieri update or not. your Windows dust in every regard. and if you put games dual boot is a must when using your Windows Linux rest. Linux is based on 98% of servers are linux and solaris rest other non-your Windows system .. and as I said would need to use linux promoted urged viziatorii

    • View Product said

      I do not know how to do that though I installed Linux Mint 17 8.1 besides windows, all windows in most cases use;))
      We custom grub and put the windows boot first position. There were times when I almost forgot that I had actually installed linux on that PC.
      Linux systems will be better in terms of security, but they have a big disadvantage in terms of accessibility, ease of use, ecosystem of third-party programs available, in some cases there may be problems with drivers, etc. Let's be serious, in windows you have a graphical interface for almost anything, while on linux… we know how things are. I just can't really stand without windows on my pc anyway I give it… I would just limit myself from too many points of view and for any little thing that may appear later, I waste 10 times more time trying to solve the problem. For a home user it is simply not worth it. If we talk about servers, then it's a completely different fish dish.

      • besides mean that you do not know anything and Linux. also searching the forums how to use linux and after a while you sit on it you will see how easy it is accessible to linux. Ubuntu and Linux Mint May alex are for beginners and beyond. Linux is very easy to custom-made. your Windows instead give some examples is limited: to cosutumizare which does not allow you to make a big deal out of the factory and must put on various sites insecure all kind of programs that help cica customization, your Windows is not free and most have cracked versions, cica free from your Windows programs are not always good choice and come with a lot toolbaruri commercials and PROS while on linux 99% of prgrame are free. you're one of the many Romans who you give me something new to say pff bag is not impossible. When I was first setting linux ubuntu linux guy and what's habarnaveam. but I read through the forums and see what I say to one another and compared with your Windows and saw that it's much better since d eprin 2008 2010 if I'm not mistaken I used the first time. Linux has less to say yes so do not go the games and certain programs. but for most programs find a lot linux alternative. May certeaza forums and you personally and see how easy it is and get rid of frequent errors and installation of operating system plus not say it's much faster. Now you choose what you use and if you want

      • yes and I forgot to say the vast majority of pcurilui leptopurilor are drivers for the video card and can folsiii universal driveru coming DEFA (server org). if you have a PC or laptop exotic exotic to say so it could not go wrong. but for the most popular notebook PCs will funcctiona popular used 100%. and about 96 98% of users are doing perfectly linux pc or laptop or notebook :).

        • more specialist, learn first to express yourself grammatically correct and then come up with tips but not with aberrations like linux comparison - windows… .laptop, write grammatically correct

  15. Cristi, can you tell us here or in a separate tutorial which security solutions use / recommend for online payments but also in general for your system?

  16. Thanks for the reply. Ref mini android pc, tronsmart draco has the best specifications, it also works on linux, but it only has hdmi 1.4, tronsmart orion is a bit cheaper but it has hdmi 2.0 (4k) (I don't know if linux wouldn't work on he), and minix x8h plus is the most expensive… Personally I would lean towards tronsmart orion r28 meta. I would put a splashtop streamer and use the pc when I needed it. What do you think of Cristi?

  17. If we Comodo firewall, what settings do? Thanks in advance.

    • axelluny said

      Firewall – Sthealt Ports Wizard – Block all incoming connections and make my pots stealth for everyone (last option). Microsoft is checking the eggs so I doubt they will block them.

  18. In most cases the pirated Windows can make updates without problems and proposed solution for you but it's good!

  19. salutare.stiu that are off topic, but I have a question: google voice is offline in Romanian?

  20. With Outpost Firewall settings can someone help me?

  21. Howdy,
    How can I make this setting in Privatefirewall?
    Thank you!

  22. Very good tutorial and videotutorial.ro.Mulţumim. But for those who still use Windows XP as it is done? We would be grateful and thankful if we could all give you a Wind Madala as 7, 8, 10. Once again THANK YOU!

Speak Your Mind

*