Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CIFS (or equiv.) and security

I'm contemplating opening my firewall to allow NetBIOS traffic through,
so people in my office can mount Samba shares from home.  If I do this,
I thought I'd just port forward (I realize this only lets me expose one
machine, but that's o.k.) to my fileserver behind my masquerading

Am I being egregiously stupid?

Samba supports encrypted authentication.  Is this encryption strong
enough to ward off script kiddies and their ilk?  Are there other
vulnerabilities, in addition to authentication, that I should be
concerned about?

Are there better alternatives?  Besides Oracle's IFS (I'm sure it may be
fine technology, I just don't like Oracle).  Is a VPN the only way to
go?  Would sure be nice to just NET USE T: \\HOST.MY.DOMAIN\SHARE.

Right now, I allow people read-only access via a browser by setting up a
secure Apache host that points to where our office files are.  Basically
run Apache's insecure authentication over https.  But it would be nice
to allow full access, especially to people w/ cable modems or DSL.

I just use ftp/ssh myself, but that's a bit much for most people here.

Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at (Subject line is ignored).

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /