[Samba] How secure is SMB3 over internet?
Reindl Harald
h.reindl at thelounge.net
Sat Oct 20 02:54:41 UTC 2018
Am 19.10.18 um 20:04 schrieb jmqaodmthr1acosyg--- via samba:
> Hello,
> How secure is SMB3 over Internet? I see that Microsoft Azure is doing SMB3 shares over internet so they seem to think it's secure.
> Does the SAMBA team recommend this type of scenario OR do they recommend instead running it over a SSH tunnel/VPN?
i won't even consider it
ports 137,138,139,445 ar eblocked outgoing here and any inbound
connection on that ports will reject your source-ip for some seconds on
any prot over the whole network
it's in general not wise to expose uncommon public services (common =
http, ssh, ftp, email) to the web without a ssh-tunnel and if it only
because the next security issue don't bother you that much
surely, patches have to be applied anyways but there is a difference in
patch services only reachable withina tunnel and patch exposed services
More information about the samba
mailing list