LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-17-2017, 10:20 AM   #1
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Rep: Reputation: Disabled
Security issue No name and pswd required with the same workgroup


Hello ,

When installing a Toshiba laptop w7 with Wifi on my linux suze 42.2 with Samba and creating a common workgroup it happen the toshiba can enter on the server and Samba without any name or password . It can even read or delete a file !!!

How can this happen ? My other desktop always needed to create a user on linux and type a password .

Thank you for your answers

Ger56
 
Old 07-17-2017, 11:18 AM   #2
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Hi ger56,

You are correct that this is atypical behaviour in most circumstances. Could you please post some additional details:

- User name on the Toshiba laptop for which this automatic access is granted

- smb.conf on your linux server

- smbpassword and password contents on your linux server

... let's start with that - it'll help members here assist you.
 
Old 07-17-2017, 11:30 AM   #3
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
hello ,

The Toshiba user name has never been created on linux , so no name and no pswd bu it still can entrer into Samba .

Smb.conf is standtard without any security add on .

Regards

ger56
 
Old 07-17-2017, 11:35 AM   #4
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Hi ger56,

Is the Toshiba user name the same as for the desktop that already has samba access ?

It would still probably help if you would post the contents of your smb.conf.


Cheers,
 
Old 07-17-2017, 11:52 AM   #5
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hello ,

The user name of the Toshiba does not exist on samba .

I will try to post the Smb.conf .

Note : I also tried an other laptop Acer with a name that does not exist on samba user list and it can access samba
if the workgroup name on windows is the same as the workgroup created on samba .

Ger56
 
Old 07-17-2017, 12:10 PM   #6
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178
You should find record of the SMB connection in the Windows event viewer. You should also see the Toshiba in a list of connected SMB users.
 
Old 07-17-2017, 06:39 PM   #7
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,511

Rep: Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006Reputation: 1006
That might be a SuSE feature.
 
Old 07-18-2017, 06:20 AM   #8
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hello ,

Oups , seems nobody is connected but still everything runs !
4 connected with no names : 192.168.1.111 / 112 / 113/ 114
I do not knwo what happens .

The only thing I change in the past was the directory used ( share2 ) to home
I had only 40mb available on share2 and did not know how to create a directory with available space .....

See attachment : smbconf and smb connexion

Regards

Ger56
Attached Thumbnails
Click image for larger version

Name:	20170718_110046[1].jpg
Views:	6
Size:	261.6 KB
ID:	25500   Click image for larger version

Name:	20170718_110807[1].jpg
Views:	9
Size:	262.9 KB
ID:	25501  
 
Old 07-18-2017, 10:40 AM   #9
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178Reputation: 3178
There appears to be a pretty serious security hole in the configuration of your server, which is in fact accepting anonymous connections without challenge, and giving them access!

How long might this have been going on, when you thought that your data was protected, while it very-obviously isn't?
 
Old 07-18-2017, 10:53 AM   #10
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
Hello ,

May be 2 or 3 month that may be the data are not really protected .

But first i know what is going on , where is the mistake and how to correct it ,

Regards

ger56
 
Old 07-18-2017, 10:56 AM   #11
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,152

Rep: Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368
Quote:
Originally Posted by ger56 View Post
Hello ,

May be 2 or 3 month that may be the data are not really protected .

But first i know what is going on , where is the mistake and how to correct it ,

Regards

ger56
Without you posting the configurations for samba, there is no way we can tell what might be wrong with the configuration of samba. We will be watching for you to post this information.
 
Old 07-18-2017, 11:02 AM   #12
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by wpeckham View Post
Without you posting the configurations for samba, there is no way we can tell what might be wrong with the configuration of samba. We will be watching for you to post this information.
Look at the attached files and screenshot I sent this morning .

Ger56
 
Old 07-18-2017, 11:15 AM   #13
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
again in 2 files attached smb.conf
Attached Thumbnails
Click image for larger version

Name:	samba-conf-suse42-2-a.jpg
Views:	4
Size:	265.3 KB
ID:	25503   Click image for larger version

Name:	samba-conf-suse42-2-b.jpg
Views:	6
Size:	259.5 KB
ID:	25504  
 
Old 07-18-2017, 12:11 PM   #14
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec, CANADA
Distribution: Arch
Posts: 1,234

Rep: Reputation: 451Reputation: 451Reputation: 451Reputation: 451Reputation: 451
Hi ger56 ...

It will be easier for us to examine your smb.conf if you just post the contents between code tags instead of taking pictures. Like this:

Code:
 .... contents of your smb.conf .....
... The code tags are "["code"]" at the beginning and "["/code"]" at the end (omitting the quotation marks).

Last edited by Rickkkk; 07-18-2017 at 12:12 PM.
 
Old 07-18-2017, 12:50 PM   #15
ger56
LQ Newbie
 
Registered: Jul 2017
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Rickkkk View Post
Hi ger56 ...

It will be easier for us to examine your smb.conf if you just post the contents between code tags instead of taking pictures. Like this:

Code:
 .... contents of your smb.conf .....
... The code tags are "["code"]" at the beginning and "["/code"]" at the end (omitting the quotation marks).
hello ,

the server is only use for sharing files this is why I made some picture I am not using any browser or printer on it .

I can re type the smb.conf if you wish but attached pic should be enough ?

Ger56
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Security risk for Windows workgroup computers if I add a Linux webserver? rreiss Linux - Security 1 03-17-2006 01:51 PM
Help required with a security issue? NuLLiFiEd Linux - Security 4 12-27-2004 10:20 AM
maximum security required Kropotkin Linux - Security 7 10-30-2004 06:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration