 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Regardless of the type of authentication, remember that the actual SAMBA reads / writes are UNENCRYPTED! Better to do the SAMBA over SSH or some sort of VPN solution. BTW: How secure is that Windows box behind your server? Remember, the chain of security is only as strong as its weakest link. So, that may be the only box you're exposing, but once it's broken, your network is compromised. That's the reason for DMZs for stuff exposed to the internet. jeff On Thu, 18 May 2000, Ron Peterson wrote: > I'm contemplating opening my firewall to allow NetBIOS traffic through, > so people in my office can mount Samba shares from home. If I do this, > I thought I'd just port forward (I realize this only lets me expose one > machine, but that's o.k.) to my fileserver behind my masquerading > server. > > Am I being egregiously stupid? > > Samba supports encrypted authentication. Is this encryption strong > enough to ward off script kiddies and their ilk? Are there other > vulnerabilities, in addition to authentication, that I should be > concerned about? > > Are there better alternatives? Besides Oracle's IFS (I'm sure it may be > fine technology, I just don't like Oracle). Is a VPN the only way to > go? Would sure be nice to just NET USE T: \\HOST.MY.DOMAIN\SHARE. > > Right now, I allow people read-only access via a browser by setting up a > secure Apache host that points to where our office files are. Basically > run Apache's insecure authentication over https. But it would be nice > to allow full access, especially to people w/ cable modems or DSL. > > I just use ftp/ssh myself, but that's a bit much for most people here. > Get them on Linux? ------------------------------------------------------------------------ Jeffry Smith Technical Sales Consultant Mission Critical Linux smith at missioncriticallinux.com phone:978.446.9166,x271 fax:978.446.9470 ------------------------------------------------------------------------ Thought for today: Economics is extremely useful as a form of employment for economists. -- John Kenneth Galbraith - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
