Samba Server Samba Server is a Linux implementation of ...

Download PDF
29 downloads 125 Views 23KB Size Report
Comment
Samba Server is a Linux implementation of Microsoft's CIFS (Common Internet File. System), or NetBIOS. CIFS is based on IBM's SMB (Server Message Block) ...
Samba Server Samba Server is a Linux implementation of Microsoft’s CIFS (Common Internet File System), or NetBIOS. CIFS is based on IBM’s SMB (Server Message Block) which was created in 1984. It is a protocol that allows disks on another machine to be mounted and treated as a local storage drive. Samba, which is an open source, and freely available program that comes pre-installed on most major distributions of Linux already. Can also be downloaded and compiled if you got to http://www.samba.org from there you can download the tar ball, unpack it, and do the ./configure , make, make install sequence of commands. Most major distributions have their own GUI tool to aide in the configuration of Samba. However, one will understand what goes on better if they use the plain text file known as smb.conf which can be located in /etc/samba/smb.conf or just /etc/smb.conf (on SUSE) open up this file in any text editor you choose for the configuration. See the slides for the steps on the smb.conf file. It is a simple configuration that allows simple access to home directories as well as to the shared directory that you allow access too, in my example it was /usr/share but it could be /tmp/share or anything that you wish. Also, if you want to, you can do the hosts allow in the smb.conf file for 2 C classes of IP addresses, other wise you can still do it in your hosts.allow/hosts.deny files. When setting up a secure Samba server it’s important to realize that Samba as well as Microsoft CIFS has had security issues in the past, so it’s important to make yourself aware, as a Linux Systems Administrator, of software patches to fix known security flaws in the programs. Also, to secure this computer from outside attacks, one of the best things to do with a file server, like Samba is to put it behind a border firewall, and disconnect it from the internet, so then you know that it’s on your “trusted” network. You need to create a password for the samba server, using the /etc/samba/smbpasswd program. This file only contains usernames and the password hashed two different ways, to keep this from being seen locally on the machine you should make chmod the smbpasswd to 600 and the directory of /etc/samba/ to 700 so that the root user can enter the directory. With this method people can’t get into the file and find the hash, as seeing that the hash itself is the only thing you need to impersonate the computer, along with the username. However, the hashes are sent in plain text, so the best suggestion is to use a password that is not the same as your regular passwords, and also change it every so often if you don’t want people having access to your Samba Server. With this, this is a simple application of a Samba server, you can get to very complicated setups using NetBIOS and booting your machines from samba making workstations. You can find out more information on how to set up a Samba server at Samba’s website.http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/ I hope that this helps explain the basics of how to install, configure and secure a simple Samba application to be used in a home or a small business.