On Sun, Sep 07, 2003 at 03:04:25PM -0500, cajun wrote:
> Hi all,
> 
> I'm back again.  This time I am a lot closer.  Just have a couple of 
> things I need help with and some real good advice.  This will be kind of 
> long so please bear with me.  This is a recap of everything that I have 
> done to get this to work, but still not quite right.
> 
> Here are the things that I have done:
> 
> Enabled Client for Microsoft Networks on my Windoze PC.
> Added all entries to the LMHOSTS file on the Windoze PC and to my Linux Box.
> Enabled NetBIOS over TCP/IP on Windoze PC.
> Removed my resolv.conf file off of Linux Box.
> Added two entries to my IPTABLES file to open up ports 137-139 for tcp & 
> udp.
>    This is the one that I really have a question on.  Here are the two 
> lines that I added.  By adding
>    these, have I just opened up ports 137-139 to the world?

By reading "between the lines" here, I guess that you mean your linux
box is also the firewall/router in your network, and it has a directly-
connected internet connection of some sort. If that's the case, I'd
think you probably DID open it to the world.

I'm no guru on linux firewall configuration so I can't tell you how to
fix that (I'm sure there is a way), but... I'd suggest a safer and perhaps
simpler solution would be to put in a dedicated firewall in front of your
linux box, so the linux box doesn't have to be as hardened against the
outside world.

If you have an old junk PC lying around (I'm using a Pentium-class
machine, an AMD K5-pr100) w/ 64MB RAM, myself. I'm using Smoothwall,
but there are other choices, such as "ip cop". These are small Linux-
based systems that are designed to do nothing but serve as a firewall.
They run no extra programs that could compromise security.
> 
> >-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 137:139 -j ACCEPT
> >-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 137:139 -j ACCEPT
> 

-- 
---- Fred Smith -- [EMAIL PROTECTED] -----------------------------
                      The eyes of the Lord are everywhere, 
                    keeping watch on the wicked and the good.
----------------------------- Proverbs 15:3 (niv) -----------------------------
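
Added example, not part of the original message or of any poster's configuration: a small auditor that reads iptables-save style rules and reports ACCEPT rules for ports 137-139 that carry no LAN source or inbound-interface restriction, which is the case for the two quoted rules. The LAN subnet 192.168.1.0/24, the interface name eth1 and the two scoped rules are assumed values for illustration.

```python
import ipaddress
import shlex

# Constructed sample: the two rules quoted in the message, then two hypothetical
# LAN-scoped variants (192.168.1.0/24 and eth1 are assumed values).
RULES = """\
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 137:139 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 137:139 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 137:139 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i eth1 -p udp -m udp --dport 137:139 -j ACCEPT
"""

def option(tokens, *names):
    """Return the value that follows the first of `names` in the rule, or None."""
    for i, tok in enumerate(tokens[:-1]):
        if tok in names:
            return tokens[i + 1]
    return None

def covers_netbios(spec):
    """True if a --dport value ('139', '137:139', ':1023', '100:') overlaps 137-139."""
    lo, sep, hi = spec.partition(":")
    low = int(lo or 0)
    high = int(hi or 65535) if sep else low
    return low <= 139 and high >= 137

def open_to_any_source(line, lan_net, lan_iface):
    """True if an ACCEPT rule for ports 137-139 is not limited to the LAN."""
    tokens = shlex.split(line)
    dport = option(tokens, "--dport", "--destination-port")
    if option(tokens, "-j", "--jump") != "ACCEPT" or not dport or not covers_netbios(dport):
        return False  # only ACCEPT rules that name a port range are examined
    if "!" in tokens:
        return True  # negated matches are not interpreted here; flag for review
    if option(tokens, "-i", "--in-interface") == lan_iface:
        return False
    source = option(tokens, "-s", "--source") or "0.0.0.0/0"  # no -s means any source
    try:
        return not ipaddress.ip_network(source, strict=False).subnet_of(lan_net)
    except (TypeError, ValueError):
        return True  # hostname or other address family: cannot confirm it is the LAN

def audit(rules, lan="192.168.1.0/24", lan_iface="eth1"):
    lan_net = ipaddress.ip_network(lan)
    return [r for r in rules.splitlines()
            if r.startswith("-A ") and open_to_any_source(r, lan_net, lan_iface)]

if __name__ == "__main__":
    print("\n".join(audit(RULES)))
```
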
