Re: samba woody

To: debian-security@lists.debian.org
Subject: Re: samba woody
From: J.Reilink <digiover@dsinet.org>
Date: Tue, 1 Jul 2003 20:55:53 +0200
Message-id: <[🔎] 20030701205553.72c24b9c.digiover@dsinet.org>
In-reply-to: <Pine.LNX.4.44.0307010031120.23942-100000@datacontact.hu>
References: <Pine.LNX.4.44.0307010031120.23942-100000@datacontact.hu>

----- Original message -----
On Tue, 1 Jul 2003 00:39:29 +0200 (CEST)
Bencsath Boldizsar <boldi@datacontact.hu> wrote in message
<Pine.LNX.4.44.0307010031120.23942-100000@datacontact.hu>:

> Hi,
> 
> Do You (We) really surely want to include buggy samba 2.2.3a-12, more
> than half year old in 'testing' release?
> I already know one guy with a 1 week old 'testing' debian hacked
> through samba. (I know, it's -12.3 on security for stable, and samba
> is not secure at all, but I think this one needs an upgrade ASAP...)
> 

Forgive my intrusion, but why would you want to bind samba to your NIC
which is connected directly to the Internet? If it's possible to bind
samba to another NIC (for your LAN only) and/or to firewall it off with
iptables and tcpwrappers, then do so.

/etc/samba/smb.conf
        ;interface stuff
          bind interfaces only = yes
          interfaces = eth1 192.168.0.33 127.0.0.1
          socket address = 192.168.0.33

This works perfectly for my LAN, which consists of a total of 8
workstations.

Met vriendelijke groet, / Kind regards,

Jan reilink

-- 
/"\  ASCII Ribbon Campaign
\ /  No HTML in mail or news!
 X
/ \ 		DSINet: http://www.dsinet.org/

Reply to:

Prev by Date: xfree86 4.2.1-9, cve CAN-2003-0063 and CAN-2003-0071
Next by Date: Re: port forwarding issues
Previous by thread: Re: samba woody
Next by thread: Strongest linux
Index(es):
- Date
- Thread