[Samba] computer outside domain can access resource to inside

Wolfgang Ratzka ratzka at hrz.uni-marburg.de
Wed Jun 21 09:43:47 GMT 2006

syamsu.alam at showa.co.id schrieb:

> But, I have one problem. There is one user, bring the private notebook. He create ip
> address (same with his office-computer), local account and password (same with his
> account in PDC) in his notebook.Then he un-plug LAN cable from his office-computer and
> plug-in to his private-notebook. And he can access share-file in other computer.

A user who has physical access to the network will be able to do all kinds of things.
(Samba's behaviour in this case is Windows-NT compatible.)

As for technical means to prevent this kind of thing: Some switches can be configured to
shut down a port if they see an unknown MAC-address. (Cisco's name for this is "port
security". Of course there are ways to circumvent this :-/ ).

Wolfgang Ratzka  Phone: +49 6421 2823531  FAX: +49 6421 2826994
Uni Marburg,  HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany

More information about the samba mailing list