Networking Technology: SMB

You might not have heard of the SMB protocol but still use it daily. The Server Message Block (SMB) is a network protocol. Its function is to enable users to communicate with remote servers and computers. This communication can be in the form of sharing, opening, editing or using files. Some also refer to it as the server/client protocol because servers can share resources with the clients.

All Windows operating systems which are used for networking can run the SMB protocol. For example, Windows 95, Windows 98, Windows NT, Windows 2000 and Windows XP. A main feature of this protocol is to connect systems with different operating systems like Windows, Linux, etc.

How does SMB Protocol Work?

SMB protocol works by creating a connection between a server and a client. It sends request-response messages to and from by using TCP or the IP network protocols. To understand the working of SMB protocol in a better way, imagine that you and your team are working on a large project. This project requires a lot of files sharing and viewing files stored in one place. The SMB protocol will make it appear as if the files were shared on your own hard drive and not a remote location.

This is beneficial for remote teams where even if the colleague is continents away, they can still view and edit files. Similarly, if your computer is connected to your office printer, you send a request to the printer (the server) through your computer (the client). SMB protocol is applied to this transaction where you will get an end response if the file is printed, queued or the printer ran out of ink.

Whenever an SMB client wants to know the IP address of a host, it sends a query through the network. The NMBD server sends replies in the form of a client’s NetBIOS info. NMBD in this case also keeps a record of all hosts connected to the network.

SMB Protocol Versions

Microsoft tried to rename the SMB protocol to Common Internet File System (CIFS) but the name did not stick. Here are some variations of the SMB protocol:

  • SMBv1
  • CIFS
  • SMBv2
  • 1
  • SMBv3
  • 02
  • 3.1.1

It is essential to know which of these versions are used by your computer, especially in businesses where you have a lot of computers connected to each other. Old computers with old SMB versions might still be running in some office, so it is always better to check.

The Wanna Cry Attack

It is impossible to mention SMB and not discuss the WannaCry attack. In 2017, the American National Security Agency found an issue in the SMBv1 protocol. An attacker was executing their code in this protocol without giving the slightest hint to the user. Infecting one device meant that the attacker had access to the entire network.

Apparently, a hacker group stole the EternalBlue exploit and released it across the internet. Microsoft was quick to release a patch, but the WannaCry ransomware caught wind a month after. Almost 200,000 Windows devices across the world were infected with this attack. The attacker would encrypt all information on your computer and demand ransom in BitCoin. This SMB exploit also cost the UK more than 120 million dollars in ransom.

Conclusion

Companies with more than two personnel can consider establishing a server network. If you create this network with the help of Windows machines, it’ll use the SMB protocol. Before taking the leap, think about how many devices will have access to the network, the sort of files you’ll share and save, the apps you’ll use and other factors. The larger your needs, the more funds you’ll require to set up an SMB protocol server network.