[Samba] Security concerns?
Anthony Messina
amessina at messinet.com
Sun Feb 12 18:32:08 GMT 2006
Steve Freeman wrote:
> Thank you Anthony. The following is the output
>
> -----------------------------------
>
> Chain FORWARD (policy DROP)
> num target prot opt source destination
> 1 QUEUE all -- anywhere anywhere
> 2 ACCEPT all -- anywhere anywhere
>
> Chain INPUT (policy DROP)
> num target prot opt source destination
> 1 QUEUE all -- anywhere anywhere
> 2 ACCEPT all -- anywhere anywhere (NB - this should refer to loopback)
> 3 ACCEPT all -- anywhere anywhere (NB - and this one, the internal NIC)
> 4 ACCEPT tcp -- anywhere anywhere tcp spt:http
> 5 ACCEPT tcp -- anywhere anywhere tcp dpt:http
> 6 ACCEPT tcp -- anywhere anywhere tcp spt:domain
> 7 ACCEPT udp -- anywhere anywhere udp spt:domain
> 8 ACCEPT udp -- anywhere anywhere udp dpt:8767
> 9 ACCEPT tcp -- anywhere anywhere tcp dpt:3000
> 10 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
> 11 ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
> 12 ACCEPT tcp -- anywhere anywhere tcp dpt:13139
> 13 tcp -- anywhere anywhere tcp dpts:14690 :14693
> 14 ACCEPT tcp -- anywhere anywhere tcp dpts:27243 :27425
> 15 ACCEPT tcp -- anywhere anywhere tcp dpt:27900
> 16 ACCEPT tcp -- anywhere anywhere tcp dpt:28900
> 17 ACCEPT tcp -- anywhere anywhere tcp dpt:29900
> 18 ACCEPT tcp -- anywhere anywhere tcp dpt:29901
> 19 ACCEPT tcp -- anywhere anywhere tcp dpt:6500
> 20 ACCEPT tcp -- anywhere anywhere tcp dpt:6515
> 21 ACCEPT tcp -- anywhere anywhere tcp dpt:3783
> 22 ACCEPT tcp -- anywhere anywhere tcp dpt:ircd
> 23 ACCEPT udp -- anywhere anywhere udp dpt:13139
> 24 udp -- anywhere anywhere udp dpts:14690 :14693
> 25 ACCEPT udp -- anywhere anywhere udp dpts:27423 :27425
> 26 ACCEPT udp -- anywhere anywhere udp dpt:27900
> 27 ACCEPT udp -- anywhere anywhere udp dpt:28900
> 28 ACCEPT udp -- anywhere anywhere udp dpt:29900
> 29 ACCEPT udp -- anywhere anywhere udp dpt:29901
> 30 ACCEPT udp -- anywhere anywhere udp dpt:6500
> 31 ACCEPT udp -- anywhere anywhere udp dpt:6515
> 32 ACCEPT udp -- anywhere anywhere udp dpt:3783
> 33 ACCEPT udp -- anywhere anywhere udp dpt:ircd
> 34 ACCEPT udp -- anywhere anywhere udp dpt:20500
> 35 ACCEPT udp -- anywhere anywhere udp dpt:20510
> 36 ACCEPT udp -- anywhere anywhere udp dpt:28960
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
> 1 QUEUE all -- anywhere anywhere
>
> ----------------------------------------
>
> Kind regards, and thanks again,
>
> Mike F
>
>> From: Anthony Messina <amessina at messinet.com>
>>
>> post your iptables rules:
>>
>> ~#] iptables -L --line-numbers
>>
Well Steve, you have it configured, but I am confused about the first
few lines, specifically the first:

1 QUEUE all -- anywhere anywhere
2 ACCEPT all -- anywhere anywhere (NB - this should refer to loopback)
3 ACCEPT all -- anywhere anywhere (NB - and this one, the internal NIC)

Your input policy is set to DROP everything, but your first rule is
"QUEUE everything from anywhere to anywhere". According to the iptables
man page:

"QUEUE means to pass the packet to userspace (if supported by the
kernel)."

Do you have some userspace app that will handle all these packets? I
may be way off, but if you don't, then wouldn't this be the equivalent of
allowing everything from anywhere to anywhere?
--
My Website: http://messinet.com
My Online Gallery:
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3
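An added audit script (not from this thread, and not Samba's or iptables' own code) that parses `iptables -L --line-numbers` output of the form quoted above and flags the rows Anthony is asking about: a terminating "all anywhere anywhere" row, every row after it in the same chain (never reached), and rows with no target at all, which match packets but issue no verdict (rows 13 and 24 in Steve's INPUT chain). The sample listing is constructed from a few rows of the quoted output; the protocol set and the `anywhere` / `0.0.0.0/0` spellings are assumptions about the listing format.

```python
import re

# Constructed sample in the format of `iptables -L --line-numbers`, reduced
# to four rows of the INPUT listing quoted above (targets/ports as posted).
SAMPLE = """\
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    QUEUE      all  --  anywhere             anywhere
2    ACCEPT     all  --  anywhere             anywhere
5    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
13              tcp  --  anywhere             anywhere            tcp dpts:14690:14693
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+)|\d+ references)\)")
# num, optional target, proto, opt, source, destination, match options
RULE_RE = re.compile(r"^(\d+)\s+(?:(\S+)\s+)?(all|tcp|udp|icmp)\s+(\S+)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")
ANY = {"anywhere", "0.0.0.0/0", "::/0"}  # -L prints names, -L -n prints masks
TERMINATING = {"ACCEPT", "DROP", "REJECT", "QUEUE", "RETURN"}

def parse_listing(text):
    """Return {chain: (policy or None, [rule dicts])} in listing order."""
    chains, cur = {}, None
    for line in text.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            cur = m.group(1)
            chains[cur] = (m.group(2), [])
            continue
        m = RULE_RE.match(line)
        if m and cur:  # the "num target ..." header row does not match
            num, target, proto, _opt, src, dst, extra = m.groups()
            chains[cur][1].append({"num": int(num), "target": target, "proto": proto,
                                   "src": src, "dst": dst, "extra": (extra or "").strip()})
    return chains

def audit(text):
    """Flag rows that decide the whole chain's fate, or decide nothing at all."""
    findings = []
    for chain, (_policy, rules) in parse_listing(text).items():
        first = None
        for r in rules:
            if r["target"] is None:  # match-only row: counts packets, gives no verdict
                findings.append(("no-target", chain, r["num"]))
            catch_all = r["proto"] == "all" and r["src"] in ANY and r["dst"] in ANY and not r["extra"]
            if catch_all and r["target"] in TERMINATING:
                # Plain -L hides interfaces, so this row may be lo-only or global; re-check
                # with -v. A QUEUE row with no userspace reader drops packets, not accepts.
                findings.append(("catch-all", chain, r["num"], r["target"]))
                first = first or r
        if first:  # rows after the first terminating catch-all are never reached
            later = sum(1 for r in rules if r["num"] > first["num"])
            if later:
                findings.append(("shadowed", chain, first["num"], later))
    return findings
```

Run it on `iptables -L -v -n --line-numbers` output instead of plain `-L` to see the in/out interface column that the NB annotations in the quoted listing depend on.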