LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-17-2004, 06:49 PM   #1
nbjayme
Member
 
Registered: Sep 2003
Posts: 77

Rep: Reputation: 15
Network Security Breach


I have sent an email to the Samba Team but this does not only concern them but the Linux Community:
=====

Hello Samba Team,

I have used Linux for about 2 months now and have been sharing files through Samba. I have also gone far into changing our NT Server to Samba PDC.

Everything works fine for all Win9x clients except for one workgroup composed of WinXP and Win9x. I have created a machine account for WinXP and have to observe what happens now.

Now for the security. I have a Linux box connected to the network but no shares defined. It can view the network and access shares but I noticed that this Linux SMB Client does not register itself to the PDC. When I check on WIN9x Network Neighborhood it's not shown.

I believe this is a big issue and can cause security breach in the network. As an administrator, you would want to know what computers are connected in your network. In big organization this could be hard to track.

Since Linux advocates security I think all smb client should give the netbios name as specified in the smb.conf file. Any computer that does not pass through this policy should be considered hacking the network.

However, it's really hard to track down who's at fault here. Could it be Nautilus accessing network smb server bypassing the smbclient lib?

I have already expressed a strong standardization of Linux services or libs. Linux programs can interoperate more if standards have been set.

NBJayme
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Breach in Sendmail Security? bper Linux - Security 2 08-02-2005 05:40 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM
security breach: send mail to unknown address? graffitici Linux - Security 4 01-29-2004 05:27 PM
HTTP access_log: security breach? lhoff Linux - Security 3 02-16-2002 11:10 AM
Security breach? lhoff Linux - Security 5 02-15-2002 01:33 AM


All times are GMT -5. The time now is 06:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration