|
Posted by Tomás Ó hÉilidhe on December 19, 2007, 7:29 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I have four computers on a LAN with private IP addresses (e.g.
192.168.1.*), and a router on the LAN which provides access to
the Internet.
I have considered setting up a password-free file share on one of the
machines and then setting up the machine's firewall so that it only
allows file-sharing to computers within the same network.
How safe is this? The machine in question is running Windows XP Pro
SP2, and has ALL of the latest Windows updates.
In theory, any requests coming from outside the network should be
ignored because of the firewall, but I've seen a video on the web of
people exploiting Samba and gaining full access.
Is it advisable to have a password-free Samba share like this even if
my firewall blocks WAN requests?
Another thing, if you have a password on your Samba share, is there
any way of putting in a time delay between password requests? I've seen
people crack Samba using a "dictionary attack", but such an attack would
not be possible if there was a delay of about ten seconds between
password requests.
One thing I've been wondering about... I've used Linux before to
connect to Samba shares, and I've always just supplied an IP address, not
an IP address and a port number. Therefore I've been wondering how you
could possibly connect to a Samba share on a VPN from outside because the
only public IP address is the WAN port on the router.
--
Tomás Ó hÉilidhe
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map