Thanks for all your help everyone, not just John. Indeed it is a small network, around 20 computers that this box serves, and the NetBEUI traffic is light.
I still sort-of disagree with the "no security advantage" statement though. While I do know of NetBEUI exploits, IMHO it is still a good technique to hide the 'scent' of the box. Most "s|<r1p+ |<1|)|)13s" will be focusing on TCP/IP. Up until the other day we didn't have an internet-visible, Unix-based host behind the router. We do now, so that is a concern of mine more than ever. True, if the kiddy is 'elite' enough he might try a NetBEUI exploit. If that is the case, then you're right, we're no better off. But the fact that Microsoft is deprecating NetBEUI makes my assumption that he will not try NetBEUI even better. While I feel competent enough to make a solid firewall, our router to the internet is controlled by our ISP, and that is one trust relationship that would be sloppy of me to trust. Unfortunately, this box needs to be visible to the internet and the NetBEUI only server. Looks like I'll have to proxy it via a windows PC running both NetBEUI and TCP/IP. To quote Home Simpson: "For shame!" :-) -J -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John E. Malmberg Sent: Monday, December 09, 2002 9:26 PM To: [EMAIL PROTECTED] Subject: Re: NetBEUI as main protocol Jason Hihn wrote: > I've a need for Samba to work over NetBEUI. We have a file server > here that only speaks that way to bar out TCP-based hackers, There is a popular misconception that you can use NetBeui in this way. There is no security advantage in use NetBEUI in this manor. It is just as easy to block the NetBios TCP/IP ports at the router between your private network and the one where the hackers are. If the hackers are on the local network, the NetBios exploits work just as well on NetBeui based networks as TCP/IP based networks. You get the same level of security if you control the router. You have no additional security if you do not control the router. Routers can be configured to bridge NetBeui. The only advantage that I can see to running NetBeui is that a network recovery disk for most PCs using MS-DOS can fit on a high density floppy. For small networks, NetBeui is more responsive than TCP/IP, but because it is a broadcast protocol, it does not scale well. > and now I need to move files between hat and the Linux box. Changing > it to use TCP is out of my authority too. I've scoured the archives, > and the most I could come up with is a 1 year-old post saying that it > was working, but with some patches, and only for printing. > I am wondering if SAMBA can go over NetBEUI yet? I realize I'll > probably have to re-compile my kernel (easy enough), but what if > anything has to be done on the SAMBA side? It probably will take some sort of layer to translate the NetBios over NetBeui so that it looked like TCP/IP to SAMBA. I do not know how much work that would be. -John [EMAIL PROTECTED] Personal Opinion Only