[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Mon Jan 12 10:20:04 2004 -->
- <!--x-from-r13: quhefg ng xraarfnj.rqh (Rbj Vhefg) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] SMB options -->
- <li><em>date</em>: Mon Jan 12 10:20:04 2004</li>
- <li><em>from</em>: dhurst at kennesaw.edu (Dow Hurst)</li>
- <li><em>in-reply-to</em>: <<a href="msg00416.html">[email protected]</a>></li>
- <li><em>references</em>: <<a href="msg00374.html">[email protected]</a>> <<a href="msg00384.html">[email protected]</a>> <<a href="msg00401.html">[email protected]</a>> <<a href="msg00416.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] SMB options</li>
David Hamm wrote:
> Well, I guess that seals it, there's no easter egg to found for this one.
> I'll continue using IPTables and begin adding a -j ACCEPT for PPTP. Boy,
> PopTop put up a good fight last time I tried it. Guess it's going to be a
> long day.
>
> Thanks for the input everyone.
>
> On Saturday 10 January 2004 11:17 pm, Michael H. Warfield wrote:
>
>>On Sat, Jan 10, 2004 at 03:50:47PM -0500, David Hamm wrote:
>>
>>>Finding the servere is not the problem. The problem is that AllTel has
>>>blocked port 135 on thier network and the user can't mount the share.
>>>Since I have DSL with BellSouth I have no problem and neither do CBeyond
>>>customers. It is only AllTel and I anticipate more will have this problem
>>>in the future as ISP's attempt to protect customers from worms.
>>
>> You got that right. Even Microsoft now recommends, in some of their
>>knowledge base articles, to block ports 135-139,1433,1434 plus several
>>others, both tcp&udp, from the general network. These are NOT protocols
>>which are appropriate for access over the internet in general. You want
>>these connections, set up a VPN. Too much trouble? Then mirror the server
>>to a box behind a firewall and let them get at it there. Or enable the
>>uploads to a box in a DMZ to which the users have access (through a VPN
>>or otherwise).
>>
>>
>>>On Saturday 10 January 2004 03:11 pm, James P. Kinney III wrote:
>>>
>>>>No. If all they are doing is downloading a file from an internet
>>>>server, then let use and http get.
>>>>
>>>>If you need more complicated access then consider setting up a wins
>>>>server so the users can find the machine and it's shares.
>>>>
>>>>On Sat, 2004-01-10 at 13:05, David Hamm wrote:
>>>>
>>>>>Are you saying you can mount shares or access directories and files
>>>>>via HTTP in the same manner as SMB? The SMB users need the full
>>>>>functionality of an SMB share.
>>>>>
>>>>>On Saturday 10 January 2004 12:14 pm, James P. Kinney III wrote:
>>>>>
>>>>>>Try a login authenticated web access.
>>>>>>
>>>>>>On Sat, 2004-01-10 at 11:30, David Hamm wrote:
>>>>>>
>>>>>>>Hello,
>>>>>>>
>>>>>>>I have an FTP server sittting on the Internet. One group of
>>>>>>>users uploads files via FTP the other group downloads those files
>>>>>>>via SMB. Securing SMB communications in most cases is handeled by
>>>>>>>listing the SMB users's IP address in an IPTables rule with a -j
>>>>>>>ACCEPT. But recently I gained an SMB user an ALLTel's network
>>>>>>>and ALLTel blocks port 135. The only options I can come up with
>>>>>>>is eithher FreeSwan or PopTop and from recent experiences I'm not
>>>>>>>excited about using either. I wonder if I could run SMB on
>>>>>>>another port? Under Linux I don't see a problem but the Windows
>>>>>>>workstations mounting the share can't be modified since they also
>>>>>>>participate in an SMB based LAN. Any suggestions are welcomed.
>>>>>>>
>>>>>>>Thanks.
>>>>>>>
>>>>>>>_______________________________________________
>>>>>>>Ale mailing list
>>>>>>>Ale at ale.org
>>>>>>><a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>>>>>
>>>>>_______________________________________________
>>>>>Ale mailing list
>>>>>Ale at ale.org
>>>>><a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>>>
>>>_______________________________________________
>>>Ale mailing list
>>>Ale at ale.org
>>><a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
>
--
__________________________________________________________
Dow Hurst Office: 770-499-3428 *
Systems Support Specialist Fax: 770-423-6744 *
1000 Chastain Rd. Bldg. 12 *
Chemistry Department SC428 Email: dhurst at kennesaw.edu *
Kennesaw State University Dow.Hurst at mindspring.com *
Kennesaw, GA 30144 *
************************************************************
This message (including any attachments) contains *
confidential information intended for a specific individual*
and purpose, and is protected by law. If you are not the *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it, *
is strictly prohibited. *
************************************************************
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00374" href="msg00374.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> ale at spinnerdog.com (David Hamm)</li></ul></li>
<li><strong><a name="00384" href="msg00384.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> ale at spinnerdog.com (David Hamm)</li></ul></li>
<li><strong><a name="00401" href="msg00401.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> mhw at wittsend.com (Michael H. Warfield)</li></ul></li>
<li><strong><a name="00416" href="msg00416.html">[ale] SMB options</a></strong>
<ul><li><em>From:</em> ale at spinnerdog.com (David Hamm)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00457.html">[ale] Atapi cdrecord?</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00459.html">[ale] Atapi cdrecord?</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00443.html">[ale] SMB options</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00389.html">[ale] SMB options</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00458"><strong>Date</strong></a></li>
<li><a href="threads.html#00458"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>