A bon entendeur...
Sources d’informations
importantes
LE CERT
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-010/index.html
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-008/index.html
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-011/index.html
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-010/index.html
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-008/index.html
http://www.cert.ssi.gouv.fr/site/CERTFR-2017-ALE-011/index.html
Un article très intéressant sur
le sujet :
http://www.silicon.fr/wannacry-ransomware-plus-besoin-phishing-174779.html?utm_source=2017-05-16&utm_medium=email&utm_campaign=fr_silicon_v2&referrer=nl_fr_silicon_v2&t=2787740e0eba108915981b88a0e37cb41979139&pos=firstFeaturedArticle_1_title
http://www.silicon.fr/wannacry-ransomware-plus-besoin-phishing-174779.html?utm_source=2017-05-16&utm_medium=email&utm_campaign=fr_silicon_v2&referrer=nl_fr_silicon_v2&t=2787740e0eba108915981b88a0e37cb41979139&pos=firstFeaturedArticle_1_title
Les mises à jour (en
fonction du système d’exploitation) :
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598 (4012598)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212 (4012212)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215 (4012215)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213 (4012213)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216 (4012216)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012214 (4012214)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012217 (4012217)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606 (4012606)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013198 (4013198)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429 (4013429)
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598 (4012598)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012212 (4012212)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012215 (4012215)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012213 (4012213)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012216 (4012216)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012214 (4012214)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012217 (4012217)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4012606 (4012606)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013198 (4013198)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4013429 (4013429)
Serveurs SMB
Windows 8 et Windows Server 2012
Lancer Windows Powershell :
Set-SmbServerConfiguration -EnableSMB1Protocol $false
Lancer Windows Powershell :
Set-SmbServerConfiguration -EnableSMB1Protocol $false
Windows 7, Windows Server 2008 R2, Windows
Vista et Windows Server 2008
Lancer Windows Powershell :
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force
Lancer Windows Powershell :
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force
Clients SMB
Windows Vista, Windows Server 2008, Windows 7,
Windows Server 2008 R2, Windows 8 et Windows Server 2012
Lancer le mode de commande (CMD.EXE)
SC.exe config lanmanworkstation depend = bowser/mrxsmb20/nsi
Lancer le mode de commande (CMD.EXE)
SC.exe config lanmanworkstation depend = bowser/mrxsmb20/nsi
SC.exe config mrxsmb10 start = disabled
Windows 8.1, Windows 10, 2012 R2 de Windows et
Windows Server 2016
Systèmes d’exploitation serveurs
Lancer Windows Powershell :
Remove-WindowsFeature FS-SMB1
Lancer Windows Powershell :
Remove-WindowsFeature FS-SMB1
Systèmes d’exploitation clients
Lancer Windows Powershell :
Disable-WindowsOptionalFeature –Online –Featurename SMB1Protocol
Lancer Windows Powershell :
Disable-WindowsOptionalFeature –Online –Featurename SMB1Protocol
