Re: Samba's protocals (was 3 different OS) Followup

["David Hodnett" <dwar@earthlink.net>]

Thank you for your responses.  Both Guenther and Whitworth 
cleared up a lot of things for me.  Both also asked what I meant 
about the NetBIOS security holes, and since this is probably a 
topic of some interest to the list at large...

First, my apologies.  Reading between the lines, I think I was 
referring to Microsoft's implementation of NetBEUI, especially circa 
Win95.  I vaguely remember back then that unless you explictly 
told the networking components of the default installation 
otherwise, anyone could mount your shared drives and printer 
sharing was enabled.  People would assign shared passwords to 
the drives, but we all know how easy some passwords can be to 
crack.

To make a long story short, SMB does require NetBIOS, but 
doesn't necessarily use NetBEUI.  It can, but doesn't have to.  I 
thought the two were essentially the same thing because I first 
started playing with NetBEUI on Windows for Workgroups which 
simply used ethernet.  Guenther and Whitworth pointed out 
otherwise.

To rephrase the original concern: I would much rather not enable 
NetBEUI on any of the Windows boxes on my LAN due to various 
shortcomings in Microsoft's implementation, including poor 
"sharing" security (Guenther and Whitworth also pointed out that 
NetBEUI was unroutable).  I had wondered if Samba required 
NetBEUI and the answer is apparently a resounding "NO."

They also correctly answered my other poorly-phrased question: I 
can simply block certain ports on my external interface and not 
worry about anyone from the outside trying to mount Samba-served 
drives.  Similarly, I can leave the network settings on the Windows 
boxes alone (or enable NetBIOS over TCP/IP), hook up Samba, 
and not worry that I'm opening more holes in Microsoft Windows. 

As far as I know, OpenBSD doesn't have anything to be concerned 
with.   :)

David
dwar@earthlink.net