/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
Not quite.
Samba by default enables it's "presence" on all available interfaces...
including PPP0.
That's what the interfaces line in the configuration is for... and the
reason you "see" the shares.
You can prevent samba from broadcasting shares over a cable modem... by
omitting "interfaces" which you don't want samba using...
However in this scenario, while the shares might have be visible, it would
still have been impossible for a remote user to actually mount or view the
contents of the shares.
The reason is the reserved IP's he's using. These packets are simply
rejected by the internet.
In normal installations, the cable modem/PPP link itself does NOT have a
reserved IP, rather your local LAN does.
A remote machine can attack your (assuming Linux is your router/gateway)
linux box, but to get beyond it they would have to mount the "protected"
shares in Linux (after having sucessfully penetrated Linux) and then access
them via samba... otherwise the packets are simply rejected.
-JMS
----- Original Message -----
From: Paul Weber <[EMAIL PROTECTED]>
To: Jose M. Sanchez <[EMAIL PROTECTED]>; Michael Dark
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, October 27, 1999 10:05 AM
Subject: RE: [Masq] Windows Networking and IP Masquerading
> This will work, but unless you block tcp ports 134-139 from your cable
modem
> interface, your neighbors will ALSO be able to browse your network!
>
> Try it. Double click on Network Neighborhood from a windows machine on a
> cable modem. If the have file sharing turned on, you will be able to see
> your neighbor's machine!
>
> -Paul
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
> Of Jose M. Sanchez
> Sent: Wednesday, October 27, 1999 8:50 AM
> To: Michael Dark; [EMAIL PROTECTED]
> Subject: Re: [Masq] Windows Networking and IP Masquerading
>
>
> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
*/
>
>
> This is by design.
>
> On each subnet there is one machine "elected" to be the master browser.
>
> Run Samba in Linux (assuming that it is the multihomed machine) and set it
> up to be the WINS server and the MASTER browser.
>
> It will now present the shares on one subnet to the other.
>
> While you are at it, you might want to make Linux the PDC.
>
> -JMS
>
> ----- Original Message -----
> From: Michael Dark <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, October 27, 1999 8:34 AM
> Subject: [Masq] Windows Networking and IP Masquerading
>
>
> > /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
> */
> >
> >
> > I'm wondering if anyone has a solution to a problem I've
> > encountered with IP Masq. I've got a DEC Multia setup as a server -
> > it has a 10BT card for my cable modem, and a 100BT card for our
> > local network. That all works fine, but I'm trying to add another
> > 10BT card for another subnet.
> >
> > So, 198.162.0.* - eth1 - 100BT Net
> > 198.162.1.* - eth2 - 10BT Net
> >
> > Everything seems to work OK, but under Windows networking the
> > two subnets can't seem to see each other. Is this a forwarding
> > problem, or is there something else I can do?
> >
> > Thanks for your time, and thanks to the developers of this program -
> > other than that, it's been almost no problem at all, and the network
> > works great! Thanks!
> > --
> > Michael J. Dark [EMAIL PROTECTED]
> >
> > _______________________________________________
> > Masq maillist - [EMAIL PROTECTED]
> > Admin requests can be handled at http://www.indyramp.com/masq-list/ --
> THIS INCLUDES UNSUBSCRIBING!
> > or email to [EMAIL PROTECTED]
> >
> > PLEASE read the HOWTO and search the archives before posting.
> > You can start your search at http://www.indyramp.com/masq/
> > Please keep general linux/unix/pc/internet questions off the list.
>
> _______________________________________________
> Masq maillist - [EMAIL PROTECTED]
> Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS
> INCLUDES UNSUBSCRIBING!
> or email to [EMAIL PROTECTED]
>
> PLEASE read the HOWTO and search the archives before posting.
> You can start your search at http://www.indyramp.com/masq/
> Please keep general linux/unix/pc/internet questions off the list.
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES
UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
