Greetz all.. I am securing a box that is multihomed and I am running samba on the box. I do not however want samba running on both interfaces, just the internal... so I put the line : interfaces = 192.168.1.1/24 in the global section of the smb.conf and restart the service. I do a nmap on my external interface and port 139 is still open! Has anybody had this problem? Also is there a way to bind sunrpc to the internal nic? I do not see running these out of xinetd as a valid option! Also, I have noticed some flaky stuff with xinetd. Mainly when I have disabled = servicename, for the internal services.. it does not disable them. If I comment out the whole section it does.. same for the interface = statement.. TIA, you guys rock! Eric
Be sure to add: bind interfaces only = true to /etc/smb.conf. Even then, it will be listening on UDP port 139 on all interfaces. Be sure to have a firewall between it and the Internet and/or hostile users. HTH, Jeffrey Quoting ESix <erics@ibtec.com>:
Greetz all..
I am securing a box that is multihomed and I am running samba on the box. I do not however want samba running on both interfaces, just the internal... so I put the line : interfaces = 192.168.1.1/24 in the global section of the smb.conf and restart the service. I do a nmap on my external interface and port 139 is still open! Has anybody had this problem? Also is there a way to bind sunrpc to the internal nic? I do not see running these out of xinetd as a valid option!
Also, I have noticed some flaky stuff with xinetd. Mainly when I have disabled = servicename, for the internal services.. it does not disable them. If I comment out the whole section it does.. same for the interface = statement..
TIA, you guys rock! Eric
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck
participants (2)
-
ESix
-
Jeffrey Taylor