Networking with Windows Computers
Brant Fitzsimmons
brant at bfcomputerconsulting.com
Sat Dec 3 15:49:04 UTC 2005
Zach wrote:
>First off, I have to say that having every machine on your network
>being dual-homed adds a lot of complexity. If you're looking for
>"newbie friendly," that way certainly isn't.
>
>The configuration file, /etc/interfaces, allows you to specify per
>interface settings. As far allowing filesharing over one nic but not
>another, that probably will require blocking the appropriate smb ports
>for that nic using iptables rules. There are tools that configure
>iptables for you such as firestarter, but I don't know if they're well
>suited for a dual-homed configuration. TCP wrappers may also be able
>to help with this, but I'm not sure. It's been a while since I've
>configured samba (assuming this is what you're using), so I don't
>remember if there are any directives in smb.conf that control what
>interfaces the samba daemons listen on, but if there is then that may
>an options.
>
>Since you say that your network is behind a router, I might suggest
>that smb traffic is non-routable, so I don't believe it is possible
>that your filesharing will be exposed beyond the router, and if your
>router is doing NAT, then your especially safe. If someone wants to
>connect to an smb share or enumerate smb information from outside your
>network, they'll have to compromise one of the machines via another
>attack vector in order to do so. If that happens, the dual homed
>configuration won't help because once they own the box they can talk
>and listen through any of its interfaces. There should be no need to
>have your machines be dual homed.
>On 12/3/05, Lee H. <spamless_mr.sisyphus at shaw.ca> wrote:
>
>
>>I need some advice on networking my Ubuntu box with my Windows boxes.
>>
>>I've read the Ubuntu Wiki on this but there are some gaping holes in the
>>instructions......
>>
>>Each of my boxes has two network cards.
>>
>>They connect through a router to the internet with no file sharing
>>allowed, and through a hub to each other with file sharing allowed.
>>
>>In Ubuntu, I can't seem to change the properties for one NIC without
>>changing the properties for the other, and I don't have a domain, just a
>>Workgroup.
>>
>>Any good, *newbie-friendly*, URLs out there?
>>
>>Thanks!
>>
>>Lee H. in beautiful Kamloops, British Columbia, Canada!
>>
Samba can indeed bind itself to a particular interface.
http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id2549268
Enjoy!
--
Brant Fitzsimmons
brant at bfcomputerconsulting.com
-------------------------------------------------------------------
"Strange times are these in which we live when the old and the
young are taught falsehoods in the schools of learning. And the one
man that dares to tell the truth is called at once a lunatic and
a fool."
-Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20051203/317ddf0f/attachment.sig>
More information about the ubuntu-users
mailing list