All remotes have fixed IP, so we simply deny all hosts & enable specific hosts in smb.conf as described in http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap29sec284.html and many other places identified by http://www.google.com/search?num=100&hl=en&lr=lang_en&q=%22smb.conf%22+%22hosts+deny%22&btnG=Google+Search
Have you setup a Netfilter firewall behind the DirectTV modem? ---------- Original Message ---------------------------------- From: Chris Wilkes <[EMAIL PROTECTED]> Date: Tue, 26 Feb 2002 08:51:34 -0800 >On Tue, Feb 26, 2002 at 10:24:19AM -0600, John Schmerold wrote: >> I have a client that is planning on using Direct TV DSL so that he may >> obtain single static IP for $50 per month. >> >> Service looks slick for typical residential or branch office use, >> however he needs remote offices to attach to a Samba share & wants his >> office to benefit from a netfilter based firewall. >> >> Anyone doing this? Any tips on configuring the modem/router provided by >> DirectTV to facilitate these functions? > >I would install IPSec so that traffic is encrypted. Do all the sites >have fixed IPs? Then just allow their port 137/138/139 traffic in and >out. > >But, again, install and make sure IPSec is running on all the routers >involved or else you're just asking for trouble. > >I wouldn't want to do this with non-fixed IPs either as I would be >scared to death of just anybody reaching any windows box on the inside >of my network. > >Chris > >
