Sunday, January 23, 2011

Disabling SMB2 on Windows Server 2008

There are a couple of reasons you might do this; the first is an exploit.

The second is potential locking and corruption issues with legacy flat-file databases. There is a performance penalty in doing this - but how noticeable is it? What other reasons are there for not disabling SMB2 (assuming the security vulnerability is fixed)?

  • "The second is potential locking and corruption issues with legacy flat-file databases." Please explain this issue a little bit more, e.g. what do you mean by flat-file databases? Thx, Ice

    Alan B : Well, MS Access and Visual FoxPro would be two examples. In the case of the latter it is often necessary to turn off Opportunistic Locking on the server to alleviate multiuser file access and locking problems. This is done by setting EnableOplocks to 0 in the registry under HKLM\SYSTEM\CURRENTCONTROLSET\LANMANSERVER\PARAMETERS. However, under Windows Server 2008 you can't turn that off without first turning SMB2 off.
    From Ice
  • I would not disable SMB2. The only reason would be the flat-file databases, which Microsoft doesn't recommend using in the future.

    If the application client resides on XP or W2K3, there is no SMB2 in action, even if the flat file is stored on W2K8.

    From Ice
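
The two server settings discussed in this thread can be checked with a read-only audit. This is an added example, not part of the original posts; it assumes both values sit under the standard LanmanServer service key shown in the code, that `Smb2` is the DWORD controlling the SMB2 server, and that a missing value means the default (enabled). The function names are hypothetical.

```powershell
# Added example: read-only audit of the SMB2 and oplock settings on a file server.
# Assumption: both DWORDs live under the standard LanmanServer service key,
# and an absent value means the default of 1 (enabled).
$LanmanKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-DwordOrDefault {
    param([string]$Path, [string]$Name, [int]$Default)
    # A missing key or value yields no object; fall back to the default.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $Default }
    return [int]$item.$Name
}

function Get-SmbOplockState {
    param([string]$Path = $LanmanKey)
    $smb2    = Get-DwordOrDefault -Path $Path -Name 'Smb2' -Default 1
    $oplocks = Get-DwordOrDefault -Path $Path -Name 'EnableOplocks' -Default 1

    if ($oplocks -eq 0 -and $smb2 -ne 0) {
        # The case raised in the thread: oplocks set off while SMB2 is still on.
        $finding = 'EnableOplocks=0 but SMB2 is enabled; per the thread, oplocks cannot be turned off on Server 2008 until SMB2 is off.'
    } elseif ($smb2 -eq 0 -and $oplocks -eq 0) {
        $finding = 'SMB2 and oplocks both disabled (legacy flat-file database configuration).'
    } elseif ($smb2 -eq 0) {
        $finding = 'SMB2 disabled, oplocks enabled; check whether SMB2 was turned off as a workaround that is no longer needed.'
    } else {
        $finding = 'Defaults: SMB2 and oplocks enabled.'
    }

    New-Object PSObject -Property @{
        Smb2Enabled    = ($smb2 -ne 0)
        OplocksEnabled = ($oplocks -ne 0)
        Finding        = $finding
    }
}

# Nothing is written to the registry; the result is only displayed.
Get-SmbOplockState | Format-List
```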
