On Tue, 2004-06-22 at 12:18, Paul Bradshaw wrote: > Thanks Scot, > > There's no administrator or guest account either on OS or Samba server, > so I figured it was something related to how Samba impersonates a > Windows fileshare. Samba is not actually vulnerable to to any Microsoft > Windows Exploits, is it? I always just assumed it wasn't, but I want to > make sure. Then you should be OK. Like I said it is always best to test it directly if you have any questions on it. I don't know of any exploits at the moment. Not to say there won't be any in the future. Probably the biggest hole is poor passwords. The most likely security issue is someone shoulder surfing as you log in or poor passwords which can easily be brute forced. Just make sure you are using encrypted passwords so packet sniffing is made a little more difficult. But in most networks your standard switch makes sniffing traffic more difficult than the typical user can handle. -- Scot L. Harris webid@xxxxxxxxxx Time flies like an arrow. Fruit flies like a banana.
