LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-15-2007, 04:12 PM   #1
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Rep: Reputation: 45
SAMBA file transfers not secure - same for Windows?


I received a great book about SAMBA and was reading through it the other day. It mentioned that file transfers done between a SAMBA server and a Windows machine is not secure. So potentially someone could sniff the traffic between the two machines. I was wondering if this was the same case from a Windows to Windows machine.
 
Old 01-15-2007, 09:49 PM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335Reputation: 335Reputation: 335Reputation: 335
Yes it is the same for Windows. In fact, in Linux you can forward an application port to the ssh port which will encrypt the data and then send the data to its destination. Windows doesn't even have ssh available. You can find ssh for Windows as an open source project but Windows file transfers insecure by default. So Samba file transfers are insecure by default because it has to be compatible with Windows and because the SMB specification doesn't include encrypted file transfers.

To be fair, NFS file transfers are unencrypted as well. FTP file transfers are insecure too. All of these things were created before people became interested in security. Many or even most enterprise level networks are still living in the dark ages where people are not concerned about encryption over the network. I was recently listening to several technical "pod casts". I was very discouraged when I heard these system administrators saying things that indicated that they had no particular interest in security. I even heard one of them state the name and location of their employer and the name of that business's ISP. Amazing. That is business confidential information. I know. You could say that the information is available via public records accessed via dig or nslookup. Nevertheless I think it showed a real lack of good judgment for this guy to say "I work here at this business and in this city and we use XYZ for our ISP."

But. back to our story of Windows and Samba file encryption: we can bolt ssh on to the back end, so to speak, so we can make these file transfer utilities more secure than they are by default.

Last edited by stress_junkie; 01-15-2007 at 09:53 PM.
 
Old 01-15-2007, 10:14 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
To add to the above, Samba and Windows File Shares should never be openly exposed to the internet. The lack of encryption and weak authentication measures make it an inappropriate service to be run in that manner. It was never designed to be a hardened protocol and should only be run inside of a secure network or only accessible once remote users have authenticated to a VPN which provides hardened auth and encryption.
 
Old 01-16-2007, 12:20 AM   #4
Micro420
Senior Member
 
Registered: Aug 2003
Location: Berkeley, CA
Distribution: Mac OS X Leopard 10.6.2, Windows 2003 Server/Vista/7/XP/2000/NT/98, Ubuntux64, CentOS4.8/5.4
Posts: 2,986

Original Poster
Rep: Reputation: 45
Thank you both for your valuable input and information! I appreciate it!

The situation I have at work is a little complicated. We are in our own LAN, but at the same time, this LAN is exposed over the internet. I did not set up the network this way as the institution I work for did this. So Capt_caveman, yes my SAMBA could potentially be accessible over the internet, however, I set up my iptables to only allow local SAMBA connections which get filtered out if requests come outside from the internet. I also do as much filtering as possible with IP address and user authentications in the SAMBA configuration file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: University of Michigan Selects SSH Tectia for Secure System Administration and Secure File Transfers LXer Syndicated Linux News 0 04-25-2006 12:54 AM
Secure file and passwd transfers lord-fu Linux - Security 5 11-19-2005 12:09 AM
Samba transfers fail on large files from Windows to Debian mperkins Linux - Networking 11 08-09-2005 03:46 PM
File transfers from Suse to Windows ludwig W SUSE / openSUSE 10 04-10-2005 02:47 PM
RH 9.0 / Samba Large File Transfers rjesse Linux - General 3 01-26-2005 09:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration