Episode 32: Doesn’t It Make You Wanna Cry?

Yet another ransomware outbreak. Were you prepared for Wanna Cry? Will you be prepared next time? In this episode we do a post mortem of the Wanna Cry ransomware outbreak and give you strategies to protect you from this, and similar outbreaks.

Notes from this week’s podcast

Disable SMBv1 Using Group Policy

UPDATE (6/20/2017): We created a quick video showing you how to disable SMB using GPO here: https://youtu.be/AEtc-8Y-bZY

Here are the steps, if you want to give it a try:
Open Group Policy Editor and create a new policy
Computer Configuration > Preferences > Windows Settings > Registry:
Action: Update
Hive: HKEY_LOCAL_MACHINE
Key Path: SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Value name: SMB1
Value Type: REG_DWORD
Value Data: 0 (hexadecimal)

Query SMBv1 Using Powershell
Open a PowerShell window and use the command

Get-SMBServerConfiguration | Select EnableSMB1Protocol

Set SMBv1 Using Powershell
Open a Powershell window and issue the command

set-smbserverconfiguration -EnableSMB1protocol $false

(Note – powershell execution policies may block this method)

Links

Subscribe

Network ninja, dad, husband, rugby player. I help you secure your digital stuff.