Mailing List Archive



Re: [tlug] Ubuntu server, Windows 7 client, and the firewall between them



Romeo, Stephen, Simon,

Thank you guys for responding and providing guidance.

I hope that I sanitized my samba config file enough to display here. I
didn't see anything that looked like it would give away any information
that could be a security problem for me, but maybe I just don't know
what I'm looking at. In any case, I stripped out all the comments for
brevity, and I've included it at the bottom of this message. (If I have
inadvertently put in something that should not be posted publicly,
perhaps a moderator could be so kind as to remove the message...?)

I also had a file in my home directory:

$ more /home/dave/.smb/smb.conf
[global]
client lanman auth = yes
lanman auth = yes
name resolve order = bcast host
dos charset = CP850
workgroup = HOMEGROUP

At first it had the wrong workgroup in it, so I fixed it and then
rebooted both computers, but no joy. What I'm showing you here is how it
currently is, and it has the correct workgroup.

Now that I know I need to be root to run the lsof commands, here is
their output:

dave@example.com:~$ sudo lsof -i :445
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
smbd    1209 root   24u  IPv4   9046      0t0  TCP *:microsoft-ds (LISTEN)
dave@example.com:~$ sudo lsof -i :137
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nmbd    2397 root    9u  IPv4  10248      0t0  UDP *:netbios-ns
nmbd    2397 root   11u  IPv4  10251      0t0  UDP homebase:netbios-ns
nmbd    2397 root   12u  IPv4  10252      0t0  UDP 192.168.0.255:netbios-ns
dave@example.com:~$ sudo lsof -i :138
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nmbd    2397 root   10u  IPv4  10249      0t0  UDP *:netbios-dgm
nmbd    2397 root   13u  IPv4  10253      0t0  UDP homebase:netbios-dgm
nmbd    2397 root   14u  IPv4  10254      0t0  UDP 192.168.0.255:netbios-dgm
dave@example.com:~$ sudo lsof -i :139
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
smbd    1209 root   25u  IPv4   9048      0t0  TCP *:netbios-ssn (LISTEN)

So... uh... does all this look healthy?

smb.conf:

[global]
   workgroup = HOMEGROUP
   server string = %h server (Samba, Ubuntu)
;   wins server = w.x.y.z
   dns proxy = no
;   name resolve order = lmhosts host wins bcast
;   interfaces = 127.0.0.0/8 eth0
;   bind interfaces only = yes
   log file = /var/log/samba/log.%m
   max log size = 1000
   syslog = 0
   panic action = /usr/share/samba/panic-action %d
   encrypt passwords = true
   passdb backend = tdbsam
   obey pam restrictions = yes
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
   pam password change = yes
   map to guest = bad user
;   domain logons = yes
;   logon path = \\%N\profiles\%U
;   logon drive = H:
;   logon script = logon.cmd
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
; add machine script  = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u
; add group script = /usr/sbin/addgroup --force-badname %g
;   printing = bsd
;   printcap name = /etc/printcap
;   printing = cups
;   printcap name = cups
;   include = /home/samba/etc/smb.conf.%m
;   message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &
;   idmap uid = 10000-20000
;   idmap gid = 10000-20000
;   template shell = /bin/bash
;   winbind enum groups = yes
;   winbind enum users = yes
;   usershare max shares = 100
   usershare allow guests = yes
;[homes]
;   comment = Home Directories
;   browseable = no
;   read only = yes
;   create mask = 0700
;   directory mask = 0700
;   valid users = %S
;[netlogon]
;   comment = Network Logon Service
;   path = /home/samba/netlogon
;   guest ok = yes
;   read only = yes
;   share modes = no
;[profiles]
;   comment = Users profiles
;   path = /home/samba/profiles
;   guest ok = no
;   browseable = no
;   create mask = 0600
;   directory mask = 0700
[printers]
   comment = All Printers
   browseable = no
   path = /var/spool/samba
   printable = yes
   guest ok = no
   read only = yes
   create mask = 0700
[print$]
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no
;   write list = root, @lpadmin
;[cdrom]
;   comment = Samba server's CD-ROM
;   read only = yes
;   locking = no
;   path = /cdrom
;   guest ok = yes
;   preexec = /bin/mount /cdrom
;   postexec = /bin/umount /cdrom

-- 
Dave M G
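
An added example, not part of the original message: a small Python check that reads smb.conf text, ignores the `;` and `#` comment lines, and lists the active [global] settings a reviewer would look at before exposing the server. The sample input is constructed by merging active lines from the two files quoted above (the lanman lines come from the per-user file); the function names and the choice of checks are assumptions of this example.

```python
import re

# Constructed sample: active lines merged from both files quoted above.
SAMPLE = """\
[global]
;   bind interfaces only = yes
   map to guest = bad user
   usershare allow guests = yes
   client lanman auth = yes
   lanman auth = yes
[printers]
   guest ok = no
"""

TRUE = {"yes", "true", "1"}  # spellings Samba accepts for a boolean "on"
# (parameter, values that trigger a finding, why it matters)
CHECKS = [
    ("lanman auth", TRUE, "LANMAN hash authentication enabled (weak, legacy)"),
    ("client lanman auth", TRUE, "client-side LANMAN responses enabled"),
    ("map to guest", {"bad user"}, "unknown usernames are mapped to guest"),
    ("usershare allow guests", TRUE, "user-defined shares may allow guests"),
]

def parse_smb_conf(text):
    """Return {section: {param: value}}; names lower-cased, spacing normalised."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue  # blank line or commented-out setting
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip().lower()
            conf.setdefault(section, {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            conf[section][" ".join(key.lower().split())] = value.strip()
    return conf

def audit(text):
    """List (parameter, reason) findings for the [global] section."""
    g = parse_smb_conf(text).get("global", {})
    found = [(p, why) for p, vals, why in CHECKS if g.get(p, "").lower() in vals]
    # Without this setting the daemons bind the wildcard address, which is
    # what the '*:microsoft-ds' and '*:netbios-ssn' lsof lines show.
    if g.get("bind interfaces only", "no").lower() not in TRUE:
        found.append(("bind interfaces only", "listening on every interface"))
    return found

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```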

