[Samba] [3.6.6] nmbd reachable on 0.0.0.0: Safe?
Rowland Penny
rpenny at samba.org
Sun Jul 9 12:12:09 UTC 2017
On Sun, 9 Jul 2017 03:24:16 -0700 (PDT)
Winfried via samba <samba at lists.samba.org> wrote:
> Hello
>
> I'm running Samba 3.6.6 on a Linux host on a LAN connected to the
> Net, with my ADSL modem acting as firewall/router so as to keep local
> services like Samba unaccessible from the Net.
>
> Still, I wanted to check if it's safe to have nmbd reachable from
> 0.0.0.0 on UDP137
0.0.0.0 in this context refers to the default route, so yes it is
safe, I would be more worried about the fact you are still using a
version of Samba that went EOL quite some time ago ;-)
For more info on 0.0.0.0, see here:
https://www.howtogeek.com/225487/what-is-the-difference-between-127.0.0.1-and-0.0.0.0/
>
> ~# netstat -tunlp
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address
> State PID/Program name
> tcp 0 0 127.0.0.1:445 0.0.0.0:*
> LISTEN 1917/smbd
> tcp 0 0 192.168.0.15:445 0.0.0.0:*
> LISTEN 1917/smbd
> tcp 0 0 127.0.0.1:139 0.0.0.0:*
> LISTEN 1917/smbd
> tcp 0 0 192.168.0.15:139 0.0.0.0:*
> LISTEN 1917/smbd
> tcp6 0 0 ::1:445 :::*
> LISTEN 1917/smbd
> tcp6 0 0 fe80::50:43ff:fee7::445 :::*
> LISTEN 1917/smbd
> tcp6 0 0 ::1:139 :::*
> LISTEN 1917/smbd
> tcp6 0 0 fe80::50:43ff:fee7::139 :::*
> LISTEN 1917/smbd
> udp 0 0 192.168.0.255:137
> 0.0.0.0:* 1913/nmbd
> udp 0 0 192.168.0.15:137
> 0.0.0.0:* 1913/nmbd
> udp 0 0 0.0.0.0:137
> 0.0.0.0:* 1913/nmbd
> udp 0 0 192.168.0.255:138
> 0.0.0.0:* 1913/nmbd
> udp 0 0 192.168.0.15:138
> 0.0.0.0:* 1913/nmbd
> udp 0 0 0.0.0.0:138
> 0.0.0.0:* 1913/nmbd
>
> Also, do I really need to use IPv6 on my LAN?
Only if you actually use IPv6 on your network.
Rowland
More information about the samba
mailing list