Networking with Windows Computers
Zach
uid000 at gmail.com
Sat Dec 3 14:38:52 UTC 2005
First off, I have to say that having every machine on your network
being dual-homed adds a lot of complexity. If you're looking for
"newbie friendly," that way certainly isn't.
The configuration file, /etc/interfaces, allows you to specify per
interface settings. As far allowing filesharing over one nic but not
another, that probably will require blocking the appropriate smb ports
for that nic using iptables rules. There are tools that configure
iptables for you such as firestarter, but I don't know if they're well
suited for a dual-homed configuration. TCP wrappers may also be able
to help with this, but I'm not sure. It's been a while since I've
configured samba (assuming this is what you're using), so I don't
remember if there are any directives in smb.conf that control what
interfaces the samba daemons listen on, but if there is then that may
an options.
Since you say that your network is behind a router, I might suggest
that smb traffic is non-routable, so I don't believe it is possible
that your filesharing will be exposed beyond the router, and if your
router is doing NAT, then your especially safe. If someone wants to
connect to an smb share or enumerate smb information from outside your
network, they'll have to compromise one of the machines via another
attack vector in order to do so. If that happens, the dual homed
configuration won't help because once they own the box they can talk
and listen through any of its interfaces. There should be no need to
have your machines be dual homed.
On 12/3/05, Lee H. <spamless_mr.sisyphus at shaw.ca> wrote:
> I need some advice on networking my Ubuntu box with my Windows boxes.
>
> I've read the Ubuntu Wiki on this but there are some gaping holes in the
> instructions......
>
> Each of my boxes has two network cards.
>
> They connect through a router to the internet with no file sharing
> allowed, and through a hub to each other with file sharing allowed.
>
> In Ubuntu, I can't seem to change the properties for one NIC without
> changing the properties for the other, and I don't have a domain, just a
> Workgroup.
>
> Any good, *newbie-friendly*, URLs out there?
>
> Thanks!
>
> Lee H. in beautiful Kamloops, British Columbia, Canada!
>
> --
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
--
If you reply to a message I posted to a mailing list,
and you want me to see your reply, be sure to put my
address in the 'To:', or I might not see the message.
More information about the ubuntu-users
mailing list