[SPAMPROB:50%] RE: [Samba] Problem with SAMBA
Paul Espinosa
pespinosa at sunflowerbroadband.com
Wed Jun 16 17:55:40 GMT 2004
If you use those directives there is an implicit "deny all" and only the
specified hosts/network etc. will be allowed.
--
Paul Espinosa
pespinosa at sunflowerbroadband.com
IT Supervisor
The World Company
785/312-6912
.----[ Rodrigo Haces wrote ]----
|
|
| Thanks, that's greate, but how do i say tu deny all??
| hosts deny = ALL
| ??
| or how?
| Thanks!
| Rodrigo
|
| > -----Mensaje original-----
| > De: samba-bounces+rhaces_chistes=yahoo.com.mx at lists.samba.org
| > [mailto:samba-bounces+rhaces_chistes=yahoo.com.mx at lists.samba.org]En
| > nombre de Paul Espinosa
| > Enviado el: Miercoles, 16 de Junio de 2004 11:17 a.m.
| > Para: samba at lists.samba.org
| > Asunto: Re: [Samba] Problem with SAMBA
| >
| >
| > Instead of using /etc/hosts.allow and /etc/hosts.deny use the
| > "hosts allow"
| > and "interfaces" directive in the smb.conf.
| >
| > I use (in smb.conf [global] section):
| >
| > hosts allow = 192.168.1.0/24 127.0.0.1
| >
| > interfaces=192.168.1.0/24 127.0.0.1/32
| >
| > (Replace with your internal network values)
| >
| > To ensure that only my internal network has access to the samba
| > service.
| >
| > --
| > Paul Espinosa
| > pespinosa at sunflowerbroadband.com
| > IT Supervisor
| > The World Company
| > 785/312-6912
| >
| >
| > ..----[ Rodrigo Haces wrote ]----
| > |
| > |
| > | Hi, i have a debian box connected to internet by ADSL, in that box i
| > | share internet to all my local network, i also have to share 3
| > | directories with samba with full read/write permissions.
| > |
| > | my hosts.deny is ALL:ALL and my hosts.allow is ALL:127. AND
| > | ALL:192.168.0. so that i only accept connections from inside my
| > | local network.
| > |
| > | Here is the problem, i cannot ask for a password to let them
| > write in my
| > | directories because im using them as a database location so that my
| > | CRM application connects there, but with this, intruders from
| > | outside my network can write virus programs (And are actually doing
| > | it, writing a Xi.exe program). So, how can i prevent this? here is
| > | my smb.conf:
| > |
| > | [global]
| > | log file = /var/log/samba/log.%m
| > | passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
| > | *Retype\snew\sUNIX\spassword:* %n\n
| > | socket options = TCP_NODELAY
| > | obey pam restrictions = yes
| > | null passwords = yes
| > | encrypt passwords = true
| > | passdb backend = tdbsam guest
| > | passwd program = /usr/bin/passwd %u
| > | dns proxy = no
| > | netbios name = Servidor
| > | server string = %h server (Samba %v)
| > | invalid users = root
| > | workgroup = infosys
| > | debug level = 0
| > | os level = 20
| > | syslog = 0
| > | security = share
| > | panic action = /usr/share/samba/panic-action %d
| > | max log size = 1000
| > |
| > | [bitacora]
| > | writeable = yes
| > | public = yes
| > | path = /files/bitacora
| > |
| > |
| > | [comun]
| > | writeable = yes
| > | public = yes
| > | path = /files/comun
| > |
| > | [admivi]
| > | writeable = yes
| > | public = yes
| > | path = /files/admivi
| > |
| > | Thank in advanced
| > | Rodrigo
| > |
| > --
| > To unsubscribe from this list go to the following URL and read the
| > instructions: http://lists.samba.org/mailman/listinfo/samba
|
More information about the samba
mailing list