Start Powershell as an administrator and run the following to disable SMB Version 1.
PS C:\> Get-SmbServerConfiguration | select enablesmb1protocol enablesmb1protocol ------------------ True PS C:\> Set-SmbServerConfiguration -EnableSMB1Protocol $false Confirm Are you sure you want to perform this action? Performing operation 'Modify' on Target 'SMB Server Configuration'. [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): PS C:\> Get-SmbServerConfiguration | select enablesmb1protocol enablesmb1protocol ------------------ False
On Windows 2008 you need to do this by using the registry. Add/edit the following Key and set it to 0 (Zero).
To enable or disable SMBv1 on the SMB server, configure the following registry key:
Registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters Registry entry: SMB1 REG_DWORD: 0 = Disabled REG_DWORD: 1 = Enabled Default: 1 = Enabled
Then you need to run some command line (as administrator) programs:
c:\> sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi c:\> sc.exe config mrxsmb10 start= disabled
If you only add the registry change Nessus will then complain that the client is still vulnerable.