[Samba] computer outside domain can access resource to inside
Wolfgang Ratzka
ratzka at hrz.uni-marburg.de
Wed Jun 21 09:43:47 GMT 2006
syamsu.alam at showa.co.id schrieb:
> But, I have one problem. There is one user, bring the private notebook. He create ip
> address (same with his office-computer), local account and password (same with his
> account in PDC) in his notebook.Then he un-plug LAN cable from his office-computer and
> plug-in to his private-notebook. And he can access share-file in other computer.
>
A user who has physical access to the network will be able to do all kinds of things.
(Samba's behaviour in this case is Windows-NT compatible.)
As for technical means to prevent this kind of thing: Some switches can be configured to
shut down a port if they see an unknown MAC-address. (Cisco's name for this is "port
security". Of course there are ways to circumvent this :-/ ).
--
Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994
Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany
http://www.uni-marburg.de/hrz/mitarbeiter/ratzka.html
More information about the samba
mailing list