samba and firewalls
Wandered Inn
esoteric at denali.atlnet.com
Thu Apr 27 03:12:29 GMT 2000
Don't we meet in unusual places! (inside joke) Just a note, I'm
reconfiguring my whole home network (in preparation for DSL as well).
What you might consider doing is putting together an old 486/pentium xx
to function strictly as your firewall. You could probably pick one up
for near nothing these days. I'm working on putting together the
bastion/choke configuration from Ziegler's book. More as a learning
experience then a necessity.
Steve Cohen wrote:
>
> I have a little home network with one Windows 98 PC and a pc running
> linux.
> My idea is that as soon as DSL is finally made available to my area
> (which I keep getting told will be real soon now) I want to route it
> through the linux box and up to the Windows PC, using IP masquerading,
> etc.
>
> At present I have samba enabled on the unix box which opens up several
> worthwhile conveniences to me: printing, backing up critical files,
> etc., that would not be possible without it.
>
> Of course, once this is up, there is the firewall issue to consider,
> which as PPP internet accessor I haven't had to worry about. But I am
> reading up on the matter. One source I am using is Linux Firewalls by
> Robert L. Ziegler (New Riders).
>
> One of the points in this book is that a firewall PC should never run
> samba because it opens up vulnerabilities to attack. The author doesn't
> go into much detail, nor does he offer any workarounds. He just says
> you shouldn't do it. Period.
>
> My question is how serious a problem this is. Is it as clear cut an
> issue as the author makes out or are there successful examples of samba
> being run on a firewall PC, and ways around the vulnerability. Or
> should I invest in another machine or get rid of samba?
--
Until later: Geoffrey esoteric at denali.atlnet.com
I'm afraid there will be more problems with W2K than there were with
Y2K...
More information about the samba
mailing list