Re: [SLE] Duelling SAMBAs

From: Joaquin Menchaca (linuxuser_at_finnovative.net)
Date: 01/06/05

  • Next message: Michael Fischer: "Re: [SLE] Suse and SATA on Dell Optiplex gx280"
    Date: Thu, 06 Jan 2005 11:11:49 -0800
    To: suse-linux-e@suse.com
    
    

    Örn Einar Hansen wrote:

    >Şann Şriğjudagur 04 janúar 2005 18:36 skrifaği Joaquin Menchaca:
    >
    >
    >>Lastly, SAMBA requires authentication, while NFS does not. You have to
    >>map SMB-style accounts to UNIX accounts, which can be cumbersome, but
    >>does provide a level of security. However, NFS requires the UID to
    >>match, but doesn't do any sort of authentication. This can be considered
    >>rather dangerous, as a hacker can find the UIDs and get access to the
    >>files.
    >>
    >>
    >
    > True, for the most part ... there is something called NIS that works in
    >coherence with NFS. Point is, if you have two, or more, Linux or Unix
    >machines, that already handle authendication adequately. You are likely to
    >want a "common" userbase, for ease of administration. I see no reason to add
    >more authendication protocols to that, unless the system is volatile and the
    >network is insecure ... but I'm not running the pentagon at home.
    >
    >
    >My 2¢ worth,
    > Örn
    >
    >
    NIS has very weak security. For that reason, it is never used by any
    companies that have any slight concern over security. You'd be amazed
    how resource hackers can be once they find a way to worm into your
    network. However, it is doubtful that the general hacker would bother
    with household systems, rather than high profile prestige places. If
    one did, it'd probaly be to zombie machines for a coordinated DoS attack
    against something like SCO.

    For my network, due to my Linksys problems with Wi-Fi security, I avoid
    opening up any computer, as unknown neighbors can have fun. So, all of
    my computers (about a half-score of them) are firewalled, in addition to
    the main firewall. I'm now setting up a permiter network and a private
    network, so I won't have to worry as much.

     - joaquin

    ps - speaking of which, any good how-tos to turn Linux into a WAP? Is
    there support for WPA and using RADIUS authentication for WPA?

    -- 
    Check the headers for your unsubscription address
    For additional commands send e-mail to suse-linux-e-help@suse.com
    Also check the archives at http://lists.suse.com
    Please read the FAQs: suse-linux-e-faq@suse.com
    

  • Next message: Michael Fischer: "Re: [SLE] Suse and SATA on Dell Optiplex gx280"