True. SMB1 doesnt make much of a difference at home. Most important is that you dont use SMB1 with Windows XP or below because of Eternalblue. MS has perfectioned to say SMB1 is not trustworthy because of Windows XP. But if you use SMB1 on Windows 10, you dont have much more issues as with SMB3. More problematic are old printers. Anyways, SMB1 on ROS 6 or 7 should be quite ... unproblematic. But the CPU's in routers arent very performant. Thats an issue with SMB 2.1 and 3.0.
@@Jerrec SMB1 is deprecated pretty much everywhere; like shown in the video, samba defaults to v2 minimum, and Windows behaves similarly. If you have Windows 10 or never, and don't use SMB1 during the first 15 days after the installation, it will get disabled. The solution is really to use v2 or newer. It won't necesarilly increase CPU usage, the encryption and signing are still optional. But it is a better designed protocol, with no security holes. Promoting SMB1 still is a pretty face-palmish.
Some questions (that will most likely never get an answer from MT) - Does this service listen on all interfaces - including wan? - SMB1 - are you serious?! - SMB is not for large files - why? It does support file transfer resume. SMB is bad on networks with high latency but I don't see a problem moving multi GB files around using that. - How about implementing https (not only http) on SwOS and support for passwords longer than 12chars. Where are you going with those weird features? I don't see people asking for that stuff on your forums... oh wait I forgot... you don't look there.
This is quite nice in combination with RAM disks (if your router has the RAM for it). Allows you to get files (eg config files) from A to B without burning through NAND or requiring a dedicated NAS.
I want to point out that EVERY usualy Linux Destro disables SMB1 by default. There is no need to flame KDE or Manjaro for it. Grated, Manjaro is crappy, but they did it right here. I understand though, that SMB above 2.0 adds much CPU load you dont want and use old SMB versions. But this also happens with GNOME. And you quite often mixed up KDE with Majaro. KDE Plasma is just a desktop. I use KDE since SUSE 6.0
Windows 10 disables SMB1 too, if not used during 15 days since installation. Windows 10 release newer than 1709 disables it by default. Linux distributions with Samba were actually late-comers there ;). The only operating system that still supports SMB1 by default is Mac.
Since the smb server was crashing my router in 6.10, I don't want to touch it again even if it probably now works. Even on Windows, I've always had problems connecting to another version of Nework Neighborhood and usually receive a general error "access denied" or similar. I don't need to load the file on the fly into a program, I prefer FTP, which is not as sensitive to latency.
Thank you. Please tell me if it is possible to specify the path to the folder on the MikroTik itself when exporting the configuration from the MikroTik? I have a folder rаm need to save configs in this folder and not in the root of the drive.
I assume you mean to have the TheDude files on say a NAS instead? If that's the case, I'd rather see NFS support since MT devices run on a customized version of Linux. NFS works a lot better on Linux than SMB does from my experience.
I guess they dont want the CPU Load of SMB 2.1 and newer. Though SMB1 is not an issue at home for most users. Eternalblue is fixed. And Windows perfectioned to say SMB1 is unsafe because of WinXP and Eternalblue. Please keep in mind, that SMB3 may be much more secure, but also much more CPU heavy which those routers cant handle. If you use ROS as full NAS; you do something wrong. For fast file access, it work, though I dont like it either.
Yeh. You folk make some great network gear, but ... this feature needs a bit more time in the oven. The current SMB3 protocol, Linux, and Samba have some *excellent* support for wire-speed file transfer (even over 10Gbps and faster). You need a new-enough (last few years??) version of Linux. Current Samba is always a good idea (and why not?). Also you want to consider disallowing SMB1 (as we do not want MikroTik featuring in a future CVE).
@@mikrotik that does not make it secure... it allows everything from the LAN and an attack can happen as easily from the LAN as from the WAN. A router should never run SMB, should never run docker, ...
