On Sep 13, 2005, at 6:15 PM, Joachim Dagerot wrote:
However, due to some windows clients in the network we are forced
to run samba. Are there any known security problems with that?
Windows networking does not have a great track record in terms of
security, and Samba has had about a dozen security bugs over the past
four years:
http://us1.samba.org/samba/history/security.html
This record is pretty decent considering the range of protocols they
are dealing with, don't get me wrong, but I would not rely on the
version of Samba available today being completely secure, either.
Is there a way to tunnel the file traffic over SSH without any
trouble for the users?
Not short of setting up a full VPN, no.
(It's ok to install keys etc on their machine, but they must only
be forced to login with the windows password).
I guess my question are two:
1. Is samba safe enough to run on the LAN side of a machine that
are available from the internet only on port 22 and only for users
with a RSA key?
Samba is fine if restricted to a LAN with a firewall blocking the
Windows ports like 135-139 TCP and UDP, 445, etc.
2. Is there a better file sharing system that works good for the
windows users than samba?
Not really. You can set up PCNFS on the Windows boxes, but that
doesn't work as well as Samba does...
--
-Chuck
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
