Well, so far it's not been a problem, although I keep a close watch on suspicious activity. (You'll notice entries for hosts allow and hosts deny. So far that seems to be pretty effective, although I do notice twits trying to access and being denied): hosts allow = 192.168.3.0/255.255.255.224 192.168.2.0/255.255.255.0 128.119.216.0/255.255.255.0 216.175.212.192/255.255.255.240 hosts deny = all # <- no other machines can access Perhaps you could suggest conf options that allows [incoming] connections, but don't broadcast availability (i.e. is 'invicible' to all but people that know that that machine is a smb server). As I said, I'm not samba expert! (BTW, my wife accesses the system from her computer at UMass) On Monday, May 7, 2001 11:01 AM, Keller, Tim <Tim.Keller@stratus.com> wrote:
Hey I was looking at the sample smb.conf file (and I've set up a bunch of samba servers as well) and I saw something odd (well odd for me)
-- start cut -- # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. interfaces = 192.168.3.1 24.91.122.146 -- end cut --
From a home network point of view, why would you want samba to bind to your external (24.xx...) address? Maybe I'm doing something wrong?
I personally add rules to my firewall to block outgoing and incoming SMB traffic to the outside world. SMB as a protocol goes (if you could call it that) tends to tell the world more then one would want...
Tim.
-- Peter Gutowski <peter@linuxchamps.com> // tel.: (413) 587-3957 "When in company, put not your hands to any part of the body not usually discovered." --George Washington, _Rules for Civility and Decent Behavior_