[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Thoughts on Redhat 6.0
>SMB's security is trivial to break. This is OK for an intranet were
>people are working for the same goal and in addition there is a boss
>who can retaliate in case an employee is misbehaving but it is very
>dangerous on the Internet. That is why Microsoft itself does not try
>to push it for this task but it is trying to ready another protocol
Yes it is. That is one of the main things I am liking about Samba.
It is a MUCH more secure implementation of SMB sharing. I am still
working on weather it can FORCE encrypted passwords, but it can hand off
authentication to NT, and NT can. I also like the fact that one OS can
handle authentication, while another handles file security. Put a
source routed packet filter on your router as well, and your hacker
needs expertise in 3 OSs to get in. It gets into the "too much trouble"
class then. :-)
Also, the last survey I read stated that %60 of data loss <distorted
or dispersed> came from internal hacks. <%30 virus damage %18 external
hacks, %12 hardware failure> The real danger is inside, and Samba on
Linux allows syslog, a tripwire...
I am not trying to say SMB is a good thing, but that it is the only
thing for most users. And the secure way to go is Linux/Samba. :-) I
have a feeling that CIFS will have similar problems on NT.
>Of course if this is your personal box it is OK but if I were a boss
>and I learned my employees are using SMB through the Internet for home
>work I would have the security guy condemned to the fire squad.
>Recidivists would be shipped to Redmond. There are people who told me
>the first penaly was OK but that despite the second one being only for
>recidivists I would being trialed for war crimes. ;-)
Hehe... Here is another funny bit. smbclient -L is easier to script
than the NT equivalent. I just mapped out all the shares on my network
last night. I have been making phone calls this morning. :-) I am in
no danger of loosing my perceived deification. :-) I am so amused that
some of the best NT management tools are on Linux. And "this little
stripped down home version" to boot. ;-)