Re: netbios
On Mon, Jul 03, 2000 at 04:16:24PM +0200, Goeman Stefan wrote:
> Hello,
Hi
[snip]
> I am a little concerned about this last line.
> >From a security course I took last week, I have found out
> that it is not wise to have the netbios open (to the rest of the
> world). I my case, it probably can't harm because I am behind our
> company firewalls. But nevertheless, I would prefer to disable this
> feature. Does anybody knows how to do this ??
If you don't want to purge samba, yet still have those ports closed,
you could do: (replacing ppp0 for whatever you have)
ipchains=$(which ipchains)
${ipchains} -A output -p tcp --sport 137:139 -i ppp0 -j DENY -l
${ipchains} -A output -p udp --sport 137:139 -i ppp0 -j DENY -l
${ipchains} -A input -p tcp --dport 137:139 -i ppp0 -j DENY -l
${ipchains} -A input -p udp --dport 137:139 -i ppp0 -j DENY -l
This also causes log entries to be generated upon violation of this
rule. (-l)
For more infos, see:
ipchains (8) - IP firewall administration
ipchains-restore (8) - restore IP firewall chains from stdin
ipchains-save (8) - save IP firewall chains to stdout
or
ipfwadm (8) - IP firewall and accounting administration
ipfwadm-wrapper (8) - IP firewall administration
ipfwadm.real (8) - IP firewall and accounting administration
This surely ain't the only way to do it, but it is one way of doing it.
The better / more secure approach would be to deny all ports and to then
selectively open up specific ports according to your needs.
HTH'n good luck! :)
--
S. Burgener
Powered by Debian GNU/Linux 2.2
Reply to:
- References:
- netbios
- From: Goeman Stefan <Stefan.Goeman@siemens.atea.be>