What SMB Does
SMB enables file and printer sharing over a local network or the internet. When you access \\192.168.1.10\media in Windows File Explorer, your computer uses SMB to: negotiate a protocol version with the server; authenticate using your credentials (local account or Active Directory); enumerate the shared directories; and then read, write, and browse files using SMB commands (open, read, write, close, seek, lock).
SMB also handles distributed file locking — when multiple users access the same file, SMB coordinates which client has read or write access to prevent corruption. This file locking behavior is specific to SMB and differs from NFS, which has more relaxed locking semantics.
SMB1 vs SMB2 vs SMB3
SMB1 (CIFS): The original version from the 1990s. Chatty, inefficient, and critically vulnerable. The EternalBlue exploit (used by WannaCry and NotPetya ransomware) targeted SMB1 to spread laterally across networks in 2017 with devastating effect. Microsoft has disabled SMB1 by default in Windows 10 (1709 and later) and Windows Server 2019+. SMB1 should be disabled on all devices on your network.
SMB2: Released with Windows Vista and Server 2008. Major efficiency improvement — reduced the number of round trips required for common operations from dozens to a handful. Added larger buffer sizes, request compounding, and durable handles for better reliability over WAN links. SMB2.1 added opportunistic locking improvements.
SMB3: Released with Windows 8 and Server 2012. Added end-to-end encryption (optional per-share), multichannel (using multiple network interfaces simultaneously for higher throughput), transparent failover for clustered file servers, and directory leasing to reduce metadata round trips. SMB3.1.1 (Windows 10 / Server 2016) added mandatory pre-authentication integrity to prevent man-in-the-middle attacks against the negotiation phase.
Samba: SMB on Linux and macOS
Samba is the open-source implementation of the SMB protocol for Linux, macOS, and other Unix-like systems. It provides file sharing from Linux servers to Windows clients, Active Directory domain controller functionality, and a comprehensive suite of tools for SMB interoperability. NAS operating systems (TrueNAS, OpenMediaVault) use Samba for their SMB file sharing. Synology and QNAP NAS devices run proprietary SMB implementations built on Samba.
The smb.conf file is Samba's central configuration file. A minimal share configuration specifies the path, valid users, and read/write permissions. Samba supports SMB2 and SMB3 — configure min protocol = SMB2 in smb.conf to disable SMB1 explicitly.
SMB Version Comparison
| Version | Introduced With | Key Features | Security | Status |
|---|---|---|---|---|
| SMB1 (CIFS) | Windows NT / LAN Manager | Basic file/printer sharing | Critical vulnerabilities (EternalBlue) | Disabled by default in modern Windows; disable it |
| SMB2 | Windows Vista / Server 2008 | Efficient request pipelining, larger buffers | Good | Supported; minimum acceptable version |
| SMB2.1 | Windows 7 / Server 2008 R2 | Opportunistic locking improvements | Good | Supported |
| SMB3 | Windows 8 / Server 2012 | Encryption, multichannel, transparent failover | Excellent (with encryption) | Recommended |
| SMB3.1.1 | Windows 10 / Server 2016 | Pre-auth integrity, AES-128-GCM encryption | Excellent | Best; use when possible |
Frequently Asked Questions
How do I check if SMB1 is enabled on Windows?
Run Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol in an elevated PowerShell window. If State shows Enabled, disable it with Disable-WindowsOptionalFeature -Online -NoRestart -FeatureName SMB1Protocol. On Windows Server, use Get-SmbServerConfiguration | Select EnableSMB1Protocol and Set-SmbServerConfiguration -EnableSMB1Protocol $false.
Why was SMB1 so dangerous?
EternalBlue (CVE-2017-0144) was an NSA-developed exploit for a buffer overflow in SMB1's transaction handling. It allowed unauthenticated remote code execution on any Windows system with SMB1 enabled and network-accessible. WannaCry ransomware used EternalBlue to self-propagate across networks, encrypting every vulnerable Windows machine it could reach. The 2017 outbreak caused billions of dollars in damages globally.
Does SMB encryption slow down file transfers?
SMB3 encryption (AES-128-CCM or AES-128-GCM) adds CPU overhead. On modern processors with AES-NI hardware acceleration (virtually all CPUs from the last decade), the overhead is minimal — typically 5–15% throughput reduction. For a gigabit LAN, encryption overhead is imperceptible in practice because the network link itself is the bottleneck, not the encryption computation.
What is Samba and do I need it on a home NAS?
Samba is the open-source SMB server for Linux. If your NAS runs Linux (TrueNAS, OpenMediaVault, or a DIY Linux server), Samba provides SMB file sharing to Windows, Mac, and Linux clients. Commercial NAS devices from Synology and QNAP include their own SMB implementation (built on Samba) and configure it through a graphical interface — you do not interact with smb.conf directly.