Limiting browing when Samba on a gateway
JF Martinez
jfm2 at club-internet.fr
Sat Aug 28 21:58:58 GMT 1999
>
>
> Did you consider using a firewall that avoids this traffic? Would make
> your system
> safer, if you have a direct internet connection.
>
> > We have a Samba server running on a gateway. However whenever a
> > client connects to it, Samba tries to report it to peers on the second
> > interface who happens to be connected to a cable modem and our ISP.
> > Is there a way to avoid this? I already have set up the interfaces
> > prameter to the intranet interface but doesn't seem to solve the
> > problem.
>
There are several reasons for doing this: one being cost and the other
being that until the client box has autentified to Samba we block all
connections going to the net. This forces us to place Samba on the
gateway.
Use of the "interfaces" clause is supposed to block connections coming
from the outside so (in theory) we have no Samba related security
risk. However it seems this clause does not stop samba trying name
service related tasks on the wrong net
--
Jean Francois Martinez
Project Independence: Linux for the Masses
http://www.independence.seul.org
More information about the samba
mailing list