This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MS17-010 with SMBv1 Disabled

dfratiani
Engaged Sweeper

‎05-16-2017 06:35 PM

Not sure if this is possible.

Can someone generate a report like the one here: https://www.lansweeper.com/forum/yaf_postst14787_Ransomware--MS17-010-Windows-computers-that-are-potentially-vulnerable.aspx#post50430

However, I would also like it to exclude machines that we have manually mitigated according to: https://support.microsoft.com/en-us/help/2696547/how-to-enable-and-disable-smbv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012

Specifically, also exclude machines if the following registry key is set:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB1
REG_DWORD: 0 = Disabled

Thanks.
Labels:
0 Kudos
0 REPLIES 0

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now