[Samba] smbpasswd security

andy thomas andy at ic.ac.uk
Fri May 9 08:36:36 GMT 2003

Is it possible for a casual Windows user to find out the usernames listed
in a smbpasswd file from his or her PC? (I'm not really a Windows person
so I'm probably not aware of a lot of the tricks of the trade).

We have a samba server which is publicly accessible from the 'Net although
shares are protected and access limited to a few known users whose
usernames and encrypted passwords are contained in smbpasswd. Looking through
the logs, I'm intrigued by the attempted connections from unknown clients
who seem to know every username listed in smbpasswd. It is of course possible
that these connections are from colleagues who know the authorised usernames
but I want to know if there is any way a complete stranger using an ordinary
PC with no log-in access to the server can deduce these. I'm happy to say none
of these connection attempts have been successful.


