-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Not a guru, but I tried with Stevens, UNIX network Programming, Vol. 1, > and I also used Google, and found the behaviour the system SHOULD show: > > http://samba.he.net/using_samba/ch04_06.html > > [snip] > Finally, the bind interfaces only option instructs the nmbd process not to > accept any broadcast messages other than those subnets specified with the > interfaces option. Note that this is different from the hosts allow and > hosts deny options, which prevent machines from making connections to > services, but not from receiving broadcast messages. Using the bind > interfaces only option is a way to shut out even datagrams from foreign > subnets from being received by the Samba server. In addition, it instructs > the smbd process to bind to only the interface list given by the > interfaces option. This restricts the networks that Samba will serve. > [snip] > > However, I think that such options in the daemon are not an appropriate > security measure. You might want to set up strict firewall rules to > prevent any outsider from connecting to your SAMBA machine. Running SAMBA > on the same machine as your Firewall is *evil*, but I admit that many > small businesses with one-box-for-everything will use such a setup... >
I guess people didn't realise (since I forgot to mention) that this is no small-business firewall, it's my home masquerading box to give internet access to my LAN. Naturaly, since this is the only box that's on 24/7 it also serves a bunch of other stuff. Thanks for the awnser, it was exactly what I was looking for. Greetings, Pedro. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE70Gfs2SBo0jBmgGARArM4AKCbCr9M0X8+sCv/gmUxfCPvWMoL+gCgss3U RPnESHOB7w9oXBVjMlzbpFY= =6QBi -----END PGP SIGNATURE-----
