[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Thoughts on Redhat 6.0

>> > is big in the home here, and so is file sharing over the internet.  I
>> > have an NT WINS server here at work, and a lot of my friends point at it
>> > from home so they can file share with each other over the internet.
>> Just thinking in this gives me the creeps.  You should read the Samba
>> book and the accompanying texts on the CDROM.  Using SMB over the
>> Internet is quite simply crazy.
>I had the same feeling.
>You can ( and should ) regulate access to SMBA using the hosts.allow
>parameter in the smb.conf file.

   To use an analogy, security is there to keep someone from stealing or
damaging your car.  But the primary purpose of a car is to drive it.  If
security makes it unable to drive, users will violate security.

   That said, the easiest way for a Windoze 95 user to access a remote
network file system, is SMB shares.  It looks like a drive, it works
with all those badly written programs...  My mother can actually do it
this way!  Try and explain FTP to my mother...  Go ahead...  I have
time. :-)

   That said, the new Samba allows you to authenticate against an NT
server, so no Linux passwords are compromised.  It allows hosts.allow
and hosts.deny, as well as real file system security.  It is immune to
all the NT hacks.  Yes, it has it's own vulnerabilities, but first the
attacker has to find out it isn't an NT box. :-)  If you accept that SMB
is needed to share files with the less educated, Linux/Samba is the way
to do it.