On Tue, Feb 05, 2008 at 03:56:35PM -0800, Andrew Sackville-West wrote:
> On Tue, Feb 05, 2008 at 01:14:37PM -0700, ChadDavis wrote:
> > This may be a bit off topic, but I am talking about a Debian-based network, and
> > I sense that many of the people on this list have admin expertise.
> >
> > I have a small home office network. I recently set up samba and in the
> > process realized I'm not all that honed on security issues. My concern is
> > this, when I set up something like filesharing, I'm just doing this for the
> > efficiency of my two person software development company; the other employee
> > is my wife. In this environment, I generally just set things up as loose
> > and quick as possible.
> >
> > My question is, am I wrong for thinking that security isn't of much concern,
> > in regards to something like samba file sharing, for our two user network?
> > My theory is that as long as I keep my network shut down to outside access,
> > everything is cool. For instance, I generally don't forward any ports from
> > my DSL router into my local machines. On occasion I'll open 80 to let my
> > clients do some testing. Am I right in assuming this means I don't have to
> > tighten up something like file sharing?
>
> I'm no expert by any stretch, but I think in your case, if you are
> behind a secure firewall, then no, security internal to your LAN is
> not an issue. That assumes you trust your wife ;)
>
> Now, opening port 80 to test software is a different issue. If you are
> "testing" software, then it is likely not secure and not something you
> want to have protecting the rest of your network. That's how you
> should look at it -- if you open the port, then whatever code you have
> on that port is now your line of defense for that port. If that code
> fails to be secure, then your network is not secure. In that case, I'd
> agree that moving your test bed outside your main network would be a
> good idea.

http://www.debian-administration.org/articles/552

--
Chris.