samba security
Scot L. Harris
webid at cfl.rr.com
Tue Jun 22 19:29:33 UTC 2004
On Tue, 2004-06-22 at 12:18, Paul Bradshaw wrote:
> Thanks Scot,
>
> There's no administrator or guest account either on OS or Samba server,
> so I figured it was something related to how Samba impersonates a
> Windows fileshare. Samba is not actually vulnerable to to any Microsoft
> Windows Exploits, is it? I always just assumed it wasn't, but I want to
> make sure.
Then you should be OK. Like I said it is always best to test it
directly if you have any questions on it.
I don't know of any exploits at the moment. Not to say there won't be
any in the future. Probably the biggest hole is poor passwords. The
most likely security issue is someone shoulder surfing as you log in or
poor passwords which can easily be brute forced.
Just make sure you are using encrypted passwords so packet sniffing is
made a little more difficult. But in most networks your standard switch
makes sniffing traffic more difficult than the typical user can handle.
--
Scot L. Harris
webid at cfl.rr.com
Time flies like an arrow. Fruit flies like a banana.
More information about the fedora-list
mailing list