[ubuntu-uk] Warning to all users of Samba

John Stevenson john at jr0cket.com
Wed Apr 21 00:29:15 BST 2010


On 20 April 2010 23:11, Daniel Case <danielcase10 at googlemail.com> wrote:

> My entire family own Windows boxes, and the internal IP is dynamic most of
> the time. Now what I didn't realize was that my sister opened DMZ onto her
> internal IP at the time so she could get a decent download speed over
> torrent.
>
> The next time I turned my Ubuntu box on, it got that IP, and thus all the
> traffic got forwarded straight to my laptop, exposing all of my ports
> (including 139). I don't turn my box off very often either, it usually stays
> on and connected to the internet for quite some time.
>
> I only realized when somebody contacted me over MSN and told me that they
> had managed to access my entire user area, I then checked /var/logs/samba
> and found a lot of requests from external IP addresses.
>

Am I wrong in thinking this post is really a warning about not setting your
router up securely?

If you are unable to control the router or the IP address your Ubuntu box is
assigned, then you can always run a firewall and/or AppArmor on your Ubuntu
box.

If you can control the router, set the router up to only give DHCP addresses
between a certain range i.e. 1-100.  Then set your Ubuntu systems to use
static addresses above 100.

If you need dynamic addresses, i.e. you have a laptop, you should still be
able to tell the router to give your Ubuntu box a specific IP address based
on its MAC number (the electronic number for your network device) - need to
do this for both wired and wireless (if applicable).  You can set all the
PCs in your house to get a specific IP address on all modern routers.

All my Ubuntu servers, physical and virtual, get assigned "static" IP
addresses from the DHCP server on my router from the broadband company.

-- 
John Stevenson
jr0cket.com
leanagilemachine.com
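
Added example (not part of the original message or of Samba itself): a script for the log check described in the quoted post, listing Samba connections whose client address lies outside the home LAN. The `192.168.1.0/24` subnet and the two-line smbd log format are assumptions, and the sample log lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the assumed smbd style: a bracketed header line,
# then an indented message. Addresses are from documentation ranges.
SAMPLE_LOG = """\
[2010/04/20 21:58:02, 1] smbd/service.c:1070(make_connection_snum)
  family-pc (192.168.1.23) connect to service daniel initially as user daniel (uid=1000, gid=1000) (pid 2211)
[2010/04/20 22:14:40, 1] smbd/service.c:1070(make_connection_snum)
  203.0.113.45 (203.0.113.45) connect to service daniel initially as user nobody (uid=65534, gid=65534) (pid 2290)
[2010/04/20 22:31:09, 1] smbd/service.c:1070(make_connection_snum)
  198.51.100.7 (198.51.100.7) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 2304)
[2010/04/20 23:02:51, 1] smbd/service.c:1070(make_connection_snum)
  203.0.113.45 (203.0.113.45) connect to service daniel initially as user nobody (uid=65534, gid=65534) (pid 2342)
"""

HEADER = re.compile(r"^\[(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2})")
CONNECT = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\) connect to service (\S+)")

def external_connections(log_text, lan="192.168.1.0/24"):
    """Return (timestamp, client_ip, share) for connects from outside `lan`."""
    lan_net = ipaddress.ip_network(lan)  # assumed home subnet
    hits, stamp = [], None
    for line in log_text.splitlines():
        header = HEADER.match(line)
        if header:
            stamp = header.group(1)  # remember the time for the message line
            continue
        connect = CONNECT.search(line)
        if not connect:
            continue
        try:
            ip = ipaddress.ip_address(connect.group(1))
        except ValueError:
            continue  # digits that are not a valid IPv4 address
        if ip not in lan_net:
            hits.append((stamp, str(ip), connect.group(2)))
    return hits

def per_source(hits):
    """Count external connects per client address."""
    return Counter(ip for _, ip, _ in hits)

if __name__ == "__main__":
    found = external_connections(SAMPLE_LOG)
    for stamp, ip, share in found:
        print(f"{stamp}  {ip}  share={share}")
    print(dict(per_source(found)))
```

On a real host, pass in the contents of the smbd log file and the LAN's actual subnet instead of the sample values.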