LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Security issue No name and pswd required with the same workgroup (https://www.linuxquestions.org/questions/linux-newbie-8/security-issue-no-name-and-pswd-required-with-the-same-workgroup-4175610025/)

ger56 07-17-2017 09:20 AM

Security issue No name and pswd required with the same workgroup
 
Hello ,

When installing a Toshiba laptop w7 with Wifi on my linux suze 42.2 with Samba and creating a common workgroup it happen the toshiba can enter on the server and Samba without any name or password . It can even read or delete a file !!!

How can this happen ? My other desktop always needed to create a user on linux and type a password .

Thank you for your answers

Ger56

Rickkkk 07-17-2017 10:18 AM

Hi ger56,

You are correct that this is atypical behaviour in most circumstances. Could you please post some additional details:

- User name on the Toshiba laptop for which this automatic access is granted

- smb.conf on your linux server

- smbpassword and password contents on your linux server

... let's start with that - it'll help members here assist you.

ger56 07-17-2017 10:30 AM

hello ,

The Toshiba user name has never been created on linux , so no name and no pswd bu it still can entrer into Samba .

Smb.conf is standtard without any security add on .

Regards

ger56

Rickkkk 07-17-2017 10:35 AM

Hi ger56,

Is the Toshiba user name the same as for the desktop that already has samba access ?

It would still probably help if you would post the contents of your smb.conf.


Cheers,

ger56 07-17-2017 10:52 AM

Hello ,

The user name of the Toshiba does not exist on samba .

I will try to post the Smb.conf .

Note : I also tried an other laptop Acer with a name that does not exist on samba user list and it can access samba
if the workgroup name on windows is the same as the workgroup created on samba .

Ger56

sundialsvcs 07-17-2017 11:10 AM

You should find record of the SMB connection in the Windows event viewer. You should also see the Toshiba in a list of connected SMB users.

AwesomeMachine 07-17-2017 05:39 PM

That might be a SuSE feature.

ger56 07-18-2017 05:20 AM

2 Attachment(s)
Hello ,

Oups , seems nobody is connected but still everything runs !
4 connected with no names : 192.168.1.111 / 112 / 113/ 114
I do not knwo what happens .

The only thing I change in the past was the directory used ( share2 ) to home
I had only 40mb available on share2 and did not know how to create a directory with available space .....

See attachment : smbconf and smb connexion

Regards

Ger56

sundialsvcs 07-18-2017 09:40 AM

There appears to be a pretty serious security hole in the configuration of your server, which is in fact accepting anonymous connections without challenge, and giving them access! :eek:

How long might this have been going on, when you thought that your data was protected, while it very-obviously isn't?

ger56 07-18-2017 09:53 AM

Hello ,

May be 2 or 3 month that may be the data are not really protected .

But first i know what is going on , where is the mistake and how to correct it ,

Regards

ger56

wpeckham 07-18-2017 09:56 AM

Quote:

Originally Posted by ger56 (Post 5736578)
Hello ,

May be 2 or 3 month that may be the data are not really protected .

But first i know what is going on , where is the mistake and how to correct it ,

Regards

ger56

Without you posting the configurations for samba, there is no way we can tell what might be wrong with the configuration of samba. We will be watching for you to post this information.

ger56 07-18-2017 10:02 AM

Quote:

Originally Posted by wpeckham (Post 5736580)
Without you posting the configurations for samba, there is no way we can tell what might be wrong with the configuration of samba. We will be watching for you to post this information.

Look at the attached files and screenshot I sent this morning .

Ger56

ger56 07-18-2017 10:15 AM

2 Attachment(s)
again in 2 files attached smb.conf

Rickkkk 07-18-2017 11:11 AM

Hi ger56 ...

It will be easier for us to examine your smb.conf if you just post the contents between code tags instead of taking pictures. Like this:

Code:

.... contents of your smb.conf .....
... The code tags are "["code"]" at the beginning and "["/code"]" at the end (omitting the quotation marks).

ger56 07-18-2017 11:50 AM

Quote:

Originally Posted by Rickkkk (Post 5736623)
Hi ger56 ...

It will be easier for us to examine your smb.conf if you just post the contents between code tags instead of taking pictures. Like this:

Code:

.... contents of your smb.conf .....
... The code tags are "["code"]" at the beginning and "["/code"]" at the end (omitting the quotation marks).

hello ,

the server is only use for sharing files this is why I made some picture I am not using any browser or printer on it .

I can re type the smb.conf if you wish but attached pic should be enough ?

Ger56


All times are GMT -5. The time now is 02:14 AM.