RE: Linux firewall for a Samba || NT file server

[Scott Stone <SStone@example.com>]

MSIE can drag-and-drop to/from ftp servers...

-----------------------------------------------------
Scott M. Stone <sstone@example.com>
Senior Technical Consultant - UNIX and Networking
Taos, the Sysadmin Company - Santa Clara, CA


-----Original Message-----
From: Jean-Christian Imbeault [mailto:jean_christian@example.com]
Sent: Thursday, August 02, 2001 7:52 PM
To: tlug@example.com
Subject: Re: Linux firewall for a Samba || NT file server


>From: Jake Morrison <jake_morrison@example.com>
>
>If I recall correctly, there are some potential security
>problems with allowing access to udp/137 -- crackers can
>use it to map out your network.

Ouch. Sounds like something I don't want.

>You would probably be better off running HTTP or FTP.

Agreed. But I want to set up a file server for "dumb" windows users. i.e. 
drag -and-drop.  I don't think FTP or HTTP will quite do it. They can easily

get the files, but putting files on the machines isn't so easy.

>Allowing write access is also quite tricky. It can be used
>to compromise the server or store warez.

Hum, more bad news . . .

So if and SMB server has all these security holes what would you recommend?

I guess the problems is that the file server is for internal use only but I 
still want to make it secure just in case one of internal machines get 
compromised and then is used to hack the file server.

Jc

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

-----------------------------------------------------------------------
Next Nomikai Meeting:    Fri, Aug 10 19:30-  Tengu Tokyo Eki-Mae
Next Technical Meeting:  Sat, Sep 15 13:30-  Akasaka Kumin Center
-----------------------------------------------------------------------
more info: http://www.tlug.gr.jp           Sponsor: Global Online Japan