Configuring firewall to allow Samba to work

Wolfgang Ratzka ratzka at HRZ.Uni-Marburg.DE
Thu Mar 13 08:52:44 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----

nobody at bogus.org wrote:
|
| This is a note for all those people out there who had to turn off their
| firewalls (iptables) to get Samba to work.  First start the GUI
| interface to the firewall by typing

- - Your hint should only apply to a firewall that serves to harden your server
~  installation, i.e. if you use iptables on your server to control, which
~  kind of packets *from your local net* your server responds to.
~  If your firewall has the additional purpose to separate your local net
~  from the internet, then allowing NetBIOS over TCP/IP is not a good idea.
~  There are currently several windows worms that scan random IP address
~  ranges for weakly protected windows shares, so opening up your network to
~  these protocols is a bad idea!
~  To repeat that: You should open Ports 137, 138 and 139 (UDP and TCP)
~  only for your local net, not for the internet.

- - Are we going to accept hints from someone without a name and with an
~  address "nobody at bogus.org"? I have the strong suspicion, that your
~  real purpose might be to trick people into opening up their firewalls.

- --
Wolfgang Ratzka  Phone: +49 6421 2823531  FAX: +49 6421 2826994
Uni Marburg,  HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany
~          http://www.uni-marburg.de/hrz/mitarbeiter/ratzka.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBPnBG2xwiO5rz0xULAQEyFwf/YD1AEn7jz5W9Pzp3KbyMpPv+XbFZA0qw
1pM0EY72XzJ1Dn6X1N4aJ7PT+Cwqr6CVj/fxaVaOBY+C4HYZ9pJomTDevp9W/npp
GZM4mkHylVHH/D59nHsd6x4IhLYllENTIGeHOdxRVN19XnYsIPt4EJ9R1GADrjRA
5dMowsaFBsX2Qymj7MM9N3wIzHkHft9eHHKXfMJd5bmPinqmtMFHHEOcgKSzutHZ
Z5d5vijP9DQuPxv2v5kLx6OKYPwmLXP+6sKOno0Q/l08EZUROaBHTQD6heeYCqC2
hPaWGaxRrtF/IO2YVLH9A5UFSOK9/Qiwwihv7cFTDn/VIB/IbY0yjw==
=xV38
-----END PGP SIGNATURE-----



More information about the samba-docs mailing list