"Greg A. Woods" wrote:
[ On Sunday, November 19, 2000 at 10:25:18 (-0800), Roeland Meyer wrote: ]
Subject: RE: Operational impact of filtering SMB/NETBIOS traffic?
No it isn't, NFS has known exploits. I've had a server owned three times in the past four years, twice via BIND and once via NFS. None via Samba.
And you're sure there aren't any vulnerabilities in Samba, or more importantly in the actual protocols used by Samba? I'm sure bunches of crackers would be surprised to hear that! I know for sure that there are vulnerabilities in the client side! :-)
ADM rocks has a special samba client version. Da bad guys love folk who want to run things like smb and nfs across LANs (not to mention the live internet). And that's just one for instance. I agree that the ISP shouldn't do filtering (although a little monitoring couldn't hurt), but a clueX4 is not enough for someone who wants to play chicken with the dark side. There are folk who will be happy to do penetration testing for free, and having any kind of open share, passworded or not, is a sure way to invite them. Fact is, I don't think I'd have announced in a public, archived forum, that I used NFS or SMB in quite that way. YMMV -- BOFH Excuse for the day: The network is down. The printer thinks it's a router. You know, that's not so far-fetched as it used to be...