[Samba] Running SMB protocol on a web server - Secure or not?
Geoffrey Scott
geoffs at guestshire.com
Sun Jul 17 22:42:44 GMT 2005
SCOTT BARRIE wrote:
> We have a persistent request from web developers to install samba on
> web servers (Solaris 8\Apache) located in our DMZ to enable them to
> view log files and data etc from their XP desktops in real
> time...they do not have Unix Accounts in Production. I've been led to
> believe that installing samba on a web server seriously compromises
> security and those responsible for the firewall in the DMZ agree.
> The problem is I'm having difficulty finding up to date information
> to present a case either to refuse or grant permission for this
> request.
> Any opinions or links to related papers more than welcome.
> Thanks for your time
> Scott
hosts allow = 192.168., 127.
hosts deny = 0.0.0.0/0
Or maybe you could also use:
bind interfaces only = eth1, lo etc
More information about the samba
mailing list