Hi > On 08 Aug 2016, at 20:55 , Reindl Harald <[email protected]> wrote: >> Well. exposing samba protocol to internet without ipsec is not wise >> thing to do. It might be also problem with NVT > > it's not unwise, it's just a *absolute* no-go having samba/nfs/netatalk on a > wan-interface without a secured tunnel and "If the server is really > vulnerable it would be unwise to tell it to the whole world" is naive because > the whole world knows except the good guys
I never said it was exposed. And it is not. SMB is blocked by our border routers. But I don’t think that the IP address of the machine is relevant. If you really think (?) that it is essential to the question I can also post it. But I really don’t see the point of the problem. Matteo > just try it out - connect a samba machine on a IP never hosted a server with > a guest account to the internet and you can't smoke a cigarette before the > first malware arrives > > top honeypot ports this month > column 3 is the connect count > > 1 23 454251 telnet > 2 22 84318 ssh > 3 5900 35586 vnc > 4 445 35107 smb > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss -- ETH Zurich, Dr. Matteo Corti, Leiter ID Basisdienste STB H 11.1, Stampfenbachstrasse 69, 8092 Zurich Tel +41 44 63 27944, http://www.id.ethz.ch
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
