In order to connect to the Internet, send or receive files, it is important to use a number of protocols. In this article we are going to explain what is SMB, its features, security issues, and key points. So let’s start from the very beginning.
SMB or in other words Server Message Block is a protocol developed by IBM for sharing files, printers, serial ports, etc. network computer APIs that works at the 6th and 7th level of the OSI model. SMB can be used over the network protocols of the TCP/IP stack, as well as a number of other network protocols. It is designed to perform file and printer sharing, user authorization, and messaging functions.
The first version of the SMB protocol, also known as the Common Internet File System (CIFS), was created by IBM, Microsoft, Intel, and 3Com in the 1980s; the second (SMB 2.0) was created by Microsoft and appeared in Windows Vista. Nowadays, SMB is associated mainly with Microsoft Windows OSes, where it is used to implement the "Microsoft Windows Network" and "File and Printer Sharing".
SMB is a protocol based on client-server technology that provides an easy way for client applications to read and write files and request services from server programs in various types of network environments. Servers provide file systems and other resources (printers, mail segments, named pipes, and so on) to be shared on the network. Client computers may have their own storage media but also have access to resources provided by the server for general use.
In 1992, Samba appeared on the market as a free implementation of the SMB protocol for UNIX-like OSes. The reason is that Microsoft did not publish the SMB specification and its add-ons, Samba creator Andrew Tridgell had to reverse engineer the protocol based on packet analysis.
The SMB protocol was promoted by Microsoft Corporation, including its support in its products. In a Microsoft Windows network environment, SMB was the primary application layer protocol for working with LAN resources. It is designed to perform the functions of file and printer sharing, user authorization, and messaging.
As we know, SMB is a network protocol for sharing files. Communication with other systems requires SMB network ports on the server or computer. To do this, it uses SMB ports, namely port 445 or 139.
Port 139 SMB was originally used to run over NetBIOS with port 139. Here, NetBIOS refers to an older transport layer that allows Windows systems to communicate with each other by sharing a similar network.
In later versions of SMB protocol that appeared after Windows 2000, IP port 445 was used. Thanks to TCP, it allows SMB to work over the Internet.
SMB protocol offers lots of features besides the main goal which is file sharing. There are 7 additional features except for the main one. Generally, these are implementations of the protocol itself, which make it so universal, namely:
The SMB protocol, which corresponds to the appropriate and representative levels of the OSI model, regulates the interaction of the workstation with the server. The SMB function includes the following operations:
At a high level, the representation of the SMB protocol is quite simple. It includes all possible operations to work with files and printers that you use on a regular computer.
Since the SMB was first released in 1983, numerous changes have been made to the network standard, reflected in various versions of the protocol. They begin with SMB 1.0 and end with the current version of SMB 3.1.1.
SMB 1.0 (CIFS)
The first version of the network communication protocol is often equated to the Common Internet File System version. In this first variant, communication was still carried out via the NetBIOS interface, as well as via UDP ports 137 and 138, and also via TCP port 139.
The first major edition of Server Message Block was released by Microsoft in November 2006 with Windows Vista. Although the protocol - now known as SMB 2.0 - continued to be proprietary, the software company also released a specification for the first time that allows other systems to interact with Windows operating systems.
Version 2.1 of the SMB protocol is closely related to Windows 7. In addition to a number of minor performance optimizations, it provided new locking mechanisms to regulate access control more efficiently.
In 2012 with the new version of the Microsoft OS came a new version of Server Message Block. It was originally called SMB 2.2 but was later changed to SMB 3.0. This version of the protocol also aims to increase the performance and security of SMB connections.
SMB 3.1.1 has expanded a series of pre-authentication protocols based on SHA-256 hash values. In addition, the system uses AES-128 encryption in Galois counter mode (GCM).
In the first version of the SMB protocol, there was no authentication. However, in the modern protocol, there are two types of access levels:
Thus, we get that user-level works first, and then share-level provided that the client was able to authenticate to user-level.
For years, Microsoft has considered that it is important that older versions of the Server Message Block should also be supported by newer releases to ensure seamless communication between older and newer devices. But ensuring compatibility has since come with increased security risks. This is because SMB 1.0 has a number of vulnerabilities compared to subsequent protocols that, for example, make the computer vulnerable to DoS attacks.
All versions of SMB are usually enabled for compatibility reasons, such as being required by connected printers or other network devices. Even if the old version of the protocol is practically no longer used, it remains an easy target for attackers who can switch communications to SMB protocol 1.0 and attack the target system without serious obstacles. That is why, with Windows 10, Microsoft has decided to no longer support the first version and automatically deactivate it when not in use.
The Server Message Block protocol is a network file sharing protocol implemented in Microsoft Windows known as the Microsoft SMB Protocol. The set of message packages that define a particular protocol version is called a dialect. The CIFS protocol refers to a dialect that was implemented in the Windows NT4 operating system.
CIFS was created jointly by the Samba Team developers, the independent community, and Microsoft. After the CIFS protocol was introduced as an open standard, Microsoft stopped funding the project and its collaboration with the Samba Team, and CIFS support, rewritten by Microsoft for compatibility with previous versions of SMB, was included in Windows 2000.
CIFS is an open standard protocol based on SMB that provides access to files and services on remote computers on TCP/IP networks. Unlike SMB, the primary transport for CIFS is TCP. Ports 445/TCP and 445/UDP are registered for CIFS servers. CIFS provides functionality similar to FTP but provides clients with enhanced control over files.
NAS is easily expandable storage and synchronization space available to all users on an office or home network. Instead of adding memory to each user device, you can organize one shared storage for everyone, and each user will use as much space in it as he needs. In other words, the network NAS server is your own cloud storage.
All employees can have remote access to the NAS, their data in the storage will always be available remotely and at the same time protected from loss if the local equipment fails. One of the most common ways to communicate with such servers is using different protocols such as NFS, SMB, AFP, NCP, etc. designed just for fast data transfer.
The best variant to have all your data at your fingertips is a powerful cloud manager like CloudMounter that makes it possible to mount all your cloud accounts as well as remote servers as local drives directly on your Mac computer.
The app takes care of your privacy and implements AES-256 bit encryption to make sure no one can steal your data. The app supports connection to the most popular cloud storage and remote servers and is planning to add support for SMB protocol in the nearest feature.
Besides that, this cloud management tool makes it possible to mount as many cloud accounts as you need with no need to sync all the data between your Mac and cloud storage.
We have tried to cover all the basic aspects and useful information about SMB protocol. The key point of the protocol is access to file systems, so the main advantages are in the client/server connections between computers and file servers. In addition, we have provided solution such as CloudMounter, that can help you deal with files stored online right from Finder to facilitate your workflow. Hope you found this article rather informative.