[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Sun Jan 11 21:02:07 2004 -->
- <!--x-from-r13: nyr ng fcvaareqbt.pbz (Rnivq Vnzz) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] SMB options -->
- <li><em>date</em>: Sun Jan 11 21:02:07 2004</li>
- <li><em>from</em>: ale at spinnerdog.com (David Hamm)</li>
- <li><em>in-reply-to</em>: <<a href="msg00419.html">[email protected]</a>></li>
- <li><em>references</em>: <<a href="msg00374.html">[email protected]</a>> <<a href="msg00417.html">[email protected]</a>> <<a href="msg00419.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] SMB options</li>
Thanks for your help.
On Sunday 11 January 2004 11:36 am, Joe Sechman wrote:
> SSH is the way to go...I use a chroot'd jail environment for upload and
> only permit RSA PKI authentication for secure copy (SCP) upload. Since
> most of our users are mere mortals, I advise WinSCP as the winX client
> software (not sure if there's a GNU equivalent), but the savvys usually
> use the SCP command line tools. Admittedly, it's a bit of
> administrative overhead, but at least I get some shuteye :0) This is
> also good because the savvys have a dummy login shell with only the
> commands necessary for file transfer (cp, rm, mkdir, mv, etc.....but NO
> su). Here are some references:
>
> Jailchroot project
> <a rel="nofollow" href="http://www.jmcresearch.com/projects/jail/";>http://www.jmcresearch.com/projects/jail/</a>
>
> WinSCP
> <a rel="nofollow" href="http://winscp.sourceforge.net/eng/";>http://winscp.sourceforge.net/eng/</a>
>
> and my favorite book of all time (SSH Definitive Guide):
> <a rel="nofollow" href="http://www.bookpool.com/.x/odr44xorc0/sm/0596000111";>http://www.bookpool.com/.x/odr44xorc0/sm/0596000111</a>
>
> -Cheers,
> Joe Sechman
>
> > David Hamm wrote:
> >> Hello,
> >>
> >> I have an FTP server sittting on the Internet. One group of users
> >> uploads files via FTP the other group downloads those files via SMB.
> >> Securing SMB communications in most cases is handeled by listing the
> >> SMB users's IP address in an IPTables rule with a -j ACCEPT. But
> >> recently I gained an SMB user an ALLTel's network and ALLTel blocks
> >> port 135. The only options I can come up with is eithher FreeSwan or
> >> PopTop and from recent experiences I'm not excited about using
> >> either. I wonder if I could run SMB on another port? Under Linux I
> >> don't see a problem but the Windows workstations mounting the share
> >> can't be modified since they also participate in an SMB based LAN.
> >> Any suggestions are welcomed.
> >
> > Personally, I think you're absolutely insane to be permitting Windows
> > file sharing over the internet. You're just asking for trouble.
> >
> > You should find a different solution. What about ssh?
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00438" href="msg00438.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> jsechman at bellsouth.net (Joe Sechman)</li></ul></li>
<li><strong><a name="00446" href="msg00446.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> jkinney at localnetsolutions.com (James P. Kinney III)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00374" href="msg00374.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> ale at spinnerdog.com (David Hamm)</li></ul></li>
<li><strong><a name="00417" href="msg00417.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> esoteric at 3times25.net (Geoffrey)</li></ul></li>
<li><strong><a name="00419" href="msg00419.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> jsechman at bellsouth.net (Joe Sechman)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00433.html">[ale] SMB options</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00435.html">[ale] Audio Editor</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00419.html">[ale] SMB options</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00438.html">[ale] SMB options</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00434"><strong>Date</strong></a></li>
<li><a href="threads.html#00434"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>