Hi, Thanks for your answer. I'm surprised. There's no way in smb.conf to tell : "I don't want that nmbd listens on 0.0.0.0/0" ?
Regards, Jean ----- Original Message ----- From: "Thomas Werner" <[EMAIL PROTECTED]> To: "Jean LEE" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, June 15, 2004 11:00 AM Subject: Re: [Samba] listenning on interfaces > maybe iptables? but dont forget to open some ports for the clients: > > 111.tcp > 137.udp > 138.udp > 139.tcp > 22.tcp > 2222.udp > 445.tcp > 631.tcp > 67.udp > 80.tcp > and maybe 88.tcp for ads > > for example on a share connect. the xp clients look for a webserver on 80 to > show the folder/drive content, the same for port 2222. if you drop the > packets, the home drive is slow, because the client timed out and get no > answer for special kind of service/feature. > > cheers tom > > On 15.06.2004 10:11 Uhr, "Jean LEE" <[EMAIL PROTECTED]> wrote: > > > Hello, > > > > I am new to samba and i would to well secure it. > > > > In smb.conf, I entered the following lines : > > > > hosts allow = 192.168.0.2 127.0.0.1 > > hosts deny = 0.0.0.0/0 > > bind interfaces only = yes > > interfaces = eth0 lo > > > > I thought that it would only listens on the local machine and my internal Lan > > (which is on eth0 192.168.0.1) but nmbd seems to always listen on UDP/137 and > > UDP/138 (netbios-ns and netbios-dgm) on 0.0.0.0/0. Here is the output of > > netstat : > > > > [EMAIL PROTECTED] user]# netstat -taup > > Active Internet connections (servers and established) > > Proto Recv-Q Send-Q Local Address Foreign Address > > State PID/Program name > > tcp 0 0 192.168.0.1:netbios-ssn *:* > > LISTEN 3800/smbd > > tcp 0 0 ServeurLinu:netbios-ssn *:* > > LISTEN 3800/smbd > > tcp 0 0 ServeurLinux:ipp *:* > > LISTEN 3707/cupsd > > tcp 0 0 192.168.0.:microsoft-ds *:* > > LISTEN 3800/smbd > > tcp 0 0 ServeurLin:microsoft-ds *:* > > LISTEN 3800/smbd > > udp 0 0 192.168.0.1:netbios-ns *:* > > 3804/nmbd > > udp 0 0 *:netbios-ns *:* > > 3804/nmbd > > udp 0 0 192.168.0.1:netbios-dgm *:* > > 3804/nmbd > > udp 0 0 *:netbios-dgm *:* > > 3804/nmbd > > > > > > What is netbios-ns and netbios-dgm? I would prefer that nmbd doesn't listen on > > *:netbios-ns and *:netbios-dgm because I will connect my server to the > > internet through eth1 10.0.0.1. How can I do it? > > > > Thanks for any help. > > > > Jean Lee. > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > Dipl. Betriebswirt(BA) f. Inf. Thomas Werner > Webmaster / Network Administrator > ESMT European School of Management and Technology GmbH > Schlossplatz 1 > D-10178 Berlin > Germany > > Tel: +49 (0)30 21231 - 1085 > Fax: +49 (0)30 21231 - 9 > E-mail: [EMAIL PROTECTED] > Web: http://www.esmt.org > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
