[Samba] Running SMB protocol on a web server - Secure or not?

Geoffrey Scott geoffs at guestshire.com
Sun Jul 17 22:42:44 GMT 2005

> We have a persistent request from web developers to install samba on
> web servers (Solaris 8\Apache) located in our DMZ to enable them to
> view log files and data etc from their XP desktops in real
> time...they do not have Unix Accounts in Production. I've been led to
> believe that installing samba on a web server seriously compromises
> security and those responsible for the firewall in the DMZ agree.    
> The problem is I'm having difficulty finding up to date information
> to present a case either to refuse or grant permission for this
> request.  
> Any opinions or links to related papers more than welcome.
> Thanks for your time
> Scott

 hosts allow = 192.168., 127.
 hosts deny = 

Or maybe you could also use:

       bind interfaces only = eth1, lo etc

More information about the samba mailing list