[Samba] samb.conf

Jim Carter jimc at math.ucla.edu
Tue Dec 31 20:42:01 GMT 2002

On Sat, 28 Dec 2002, Joel Hammer wrote:
> Since you are a beginner, and coming from windows98 you don't care about
> security yet, I would do two things to make your life easier for now.

3rd suggestion: upgrade to WinXP or Win2K and turn on restrictive
permissions.  It's not as secure as a well-maintained Linux box but it's a
whole lot better than consumer Windows (Win95-98-ME).  Or you could jump
into the cold bath of Linux on the desktop :-)

> In the global section, put:
> guest account = root
> This would be good for a share definition:
> [AllFiles]
> 	comment = All Files
> 	path = /
> 	read only = no
> 	guest ok =  yes
> This will give any windows user complete access to your linux box. Some
> people would say this is bad.

The script kiddies would say this is good.  Disconnect from the global
internet when doing this test, or you'll have them crawling out of your
monitor and printer within hours.

> Once you get this setup working,  you can put in restrictions on
> access. But, then you can learn all about passwords, permissions,
> firewalls, and all that annoying stuff which will provide hours of fun
> in the years to come.

Hear, hear.  If you set up a Linux firewall and log the hack packets,
you'll be glad you have effective defenses.  I get about one attempt per
minute, on the worst days.  Particularly for Samba, if your Samba server
also serves as the firewall, tell Samba to only listen on your internal
interface(s), not to the global Internet.  And to the extent feasible, turn
off services you don't actually use, and try to get the rest to only listen
internally.  And learn to effectively use the firewall script (iptables)
that comes with your distro.

James F. Carter          Voice 310 825 2897    FAX 310 206 6673
UCLA-Mathnet;  6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA 90095-1555
Email: jimc at math.ucla.edu  http://www.math.ucla.edu/~jimc (q.v. for PGP key)

More information about the samba mailing list