Re: is it rational to close the 139 port
On 7/22/2012 2:59 AM, lina wrote:
> On Sun, Jul 22, 2012 at 3:49 PM, Andrei POPESCU
> <email@example.com> wrote:
>> On Du, 22 iul 12, 15:41:16, lina wrote:
>>> Thanks, I don't have some basic understanding about samba,
>>> will read something about it.
>>> just a short quick question, is it necessary to keep it?
>> Only you can tell since we don't know what you use/need.
> I felt a bit silly to ask, and a bit annoyed about myself for knowing
> so little.
> seems no need to share files with outside.
> have rejected all inbound towards the port 139 and 445.
If you don't need it, why not disable the service and free up the memory
the smbd/nmbd daemons are using? Maybe I wasn't clear.
Disabling the Samba service, or simply uninstalling Samba, closes those
ports. When the ports are closed, there's no need to firewall them. If
you do anyway, it's like putting a padlock on a steel door that's been
welded shut. If you need a few pounds of dynamite to blow the door
open, the padlock yields zero extra protection. Same for firewalling.
The solution is very simple:
~$ aptitude remove samba