[Wlug] Upcoming meetings - topic proposals
Mon, 7 May 2001 13:13:40 -0400 (EDT)
A VPN is a good idea. PPTP, however, isn't. I highly recomend using some
other VPN setup, if at all possible. PPTP on linux doesn't excatly give
you a rock solid network conneciton. But, if you have no other options,
there are both a client and a server for linux. The server is called
PoPToP. Search freshmeat for it. The client lives at
Maintainter of the PPTP-Linux client.
On Mon, 7 May 2001, Tom Martinson wrote:
> I am new to this LUG. So I would like to say hello.
> Peter said that his wife has to connect to his SaMBa server from UMass.
> When I have had similar situations What I did was to setup a VPN using
> PPTP. That way you can block All SMB traffic to the outside world.
> Connect to the PPTP termination point with your client. Setup up the
> Tunnel and then the SMB information is passed on the inside of the
> tunnel. Thus keeping the integrity. Also this gives a smaller
> "signature" for your firewall/server to the real world.
> Just a though.
> Peter Gutowski wrote:
> > Well, so far it's not been a problem, although I keep a close watch on suspicious activity. (You'll notice entries for hosts allow and hosts deny. So far that seems to be pretty effective, although I do notice twits trying to access and being denied):
> > hosts allow = 192.168.3.0/255.255.255.224 192.168.2.0/255.255.255.0
> > 22.214.171.124/255.255.255.0 126.96.36.199/255.255.255.240
> > hosts deny = all # <- no other machines can access
> > Perhaps you could suggest conf options that allows [incoming] connections, but don't broadcast availability (i.e. is 'invicible' to all but people that know that that machine is a smb server). As I said, I'm not samba expert! (BTW, my wife accesses the system from her computer at UMass)
> > On Monday, May 7, 2001 11:01 AM, Keller, Tim <Tim.Keller@stratus.com> wrote:
> >> Hey I was looking at the sample smb.conf file (and I've set up a bunch of
> >> samba servers as well) and I saw something odd (well odd for
> >> me)
> >> -- start cut --
> >> # Configure Samba to use multiple interfaces
> >> # If you have multiple network interfaces then you must list them
> >> # here. See the man page for details.
> >> interfaces = 192.168.3.1 188.8.131.52
> >> -- end cut --
> >> >From a home network point of view, why would you want samba to bind to your
> >> external (24.xx...) address? Maybe I'm doing something wrong?
> >> I personally add rules to my firewall to block outgoing and incoming SMB
> >> traffic to the outside world. SMB as a protocol goes (if you could call it
> >> that) tends to tell the world more then one would want...
> >> Tim.
> Wlug mailing list