[Samba] cifs traffic over less trusted networks

mourik jan heupink - merit heupink at merit.unu.edu
Fri Feb 13 05:49:01 MST 2015

Hi all,

We might need to open port 445 for some (specific) external ip's, so 
they can make a direct connection to our samba4 AD fileservers.

I am wondering how secure that would be, as we would normally use a VPN 
connection for something like this.

So: What smb.conf options would I need to set, to make cifs traffic over 
a less-trusted network as safe as possible? (or is cifs traffic by 
nature already encrypted/secure/safe?)

Clients will be only windows7, samba4 in active directory mode, version 
4.1.16 from sernet.

Kind regards,

Mourik Jan

More information about the samba mailing list