On Tue, Jul 03, 2007 at 09:22:09PM +1200, Christopher Sawtell wrote: > On 7/3/07, Kerry Mayes <[EMAIL PROTECTED]> wrote: > > > >445? Thats ipcop's https port. Doesn't that cause issues? > > > No, because you should never _ever_ EVER _EVER_ be doing remote mounts, or > printing, over the public Internet. Unless of course you are a politician > and you really want to leak all your documents in the share to every curious > Tom Dick and Harry. > They will be able to crack the M/S smb passwords no trouble, because there > is no 'salt' on the smbpassword generation algorithm. If you actually want > this facility, you will have to change the https port IPCop uses. It's a > setting in the apache.conf file.
Well, more to the point, IPCop will be listening to TCP connections on port 445. Oddly, Windows 2000, XP and 2003 use TCP port 445 for SMB over TCP. I can't say how it works, but I'm guessing that it tries to open SMB sessions with other SMB hosts it finds. Yes, I guess IPCop could get some incoming connections on port 445 from Windows, but once the TCP session is opened neither the Windows box or the IPCop box will pass any meaningful SMB information over that port. A real HTTPS session to IPCop will not be interrupted and you won't have problems initiating a new connection to IPCop, unless somehow IPCop decides that your specific box is evil because your Windows PC keeps opening port 445 sessions and not doing anything afterwards (some kind of TCP session attack). Cheers, Michael. > > -- > Sincerely etc. > Christopher Sawtell
