On Mon, 22 Sep 2003 17:23:19 +0200
"Wojciech Potyka" =
<wojtek@netprovidence.com> wrote:
>
> Witam
>
> znalazlem ostatnio cos takiego w logach =
samby:
>
> [2003/09/21 05:36:33, 1] =
smbd/process.c:process_smb(839)
> Connection denied from =
213.22.140.213
> [2003/09/21 09:40:18, 0] =
lib/access.c:check_access(333)
> Denied connection from =
(213.22.13.28)
> [2003/09/21 09:40:18, 1] =
smbd/process.c:process_smb(839)
> Connection denied from =
213.22.13.28
> [2003/09/21 09:44:12, 0] =
lib/access.c:check_access(333)
> Denied connection from =
(213.22.13.28)
>
> Tyle ze uzywam firewalla i wydaje mi sie =
ze ludzie z zewnatrz nie powinni dzieki niemu widziec samby.
>
> Ponizej moje regulki firewalla?
>
> iptables -P INPUT DROP
>
> iptables -A INPUT -p tcp --dport 137 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 137 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p tcp --dport 138 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 138 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p tcp --dport 139 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 139 -s =
192.168.1.0/24 -i eth0 -j ACCEPT
> (oczywiscie 192... to moja siec ktora sambe =
widziec powinna)
>
> Co jest nie tak a moze ja cos zle rozumie =
?
>
> Pozdrawiam Wojtek
>
>
A ja nie mam firewalla i też takie cosik mam w =
logach.
Do tego mam logi z jakimiś rozszerzeniami =
(/var/log/):
132135 -rw-r--r-- 1 =
root =
root 2399 Sep 21 14:40 =
samba.50163099sp
131515 -rw-r--r-- 1 =
root =
root 2379 Sep 21 14:09 =
samba.alevrius_
132131 -rw-r--r-- 1 =
root =
root 3144 Sep 20 23:06 =
samba.badcat
132130 -rw-r--r-- 1 =
root =
root 4107 Sep 21 14:18 =
samba.gustavo
132134 -rw-r--r-- 1 =
root =
root 6899 Sep 21 14:44 =
samba.localhost
132249 -rw-r--r-- 1 =
root =
root 0 =
Sep 21 13:28 samba.lv
131970 -rw-r--r-- 1 =
root =
root 455 Sep 21 =
03:11 samba.momerdadd
132133 -rw-r--r-- 1 =
root =
root 3507 Sep 21 13:35 =
samba.rampeiras
132211 -rw-r--r-- 1 =
root =
root 799 Sep 21 =
13:53 samba.shitbanda
132129 -rw-r--r-- 1 =
root =
root 11722 Sep 20 22:59 =
samba.smbd
132241 -rw-r--r-- 1 =
root =
root 457 Sep 21 =
08:58 samba.talentoaa
Zawartość pierwszego przedstawia się =
następująco:
[2003/09/19 21:33:38, 0] =
smbd/service.c:make_connection(252)
50163099sp (80.14.108.211) couldn't find =
service c
[2003/09/19 23:10:04, 0] =
smbd/service.c:make_connection(252)
50163099sp (68.155.54.80) couldn't find =
service c
[2003/09/19 23:21:22, 0] =
smbd/service.c:make_connection(252)
50163099sp (201.128.1.12) couldn't find =
service c
[2003/09/20 00:28:11, 0] =
smbd/service.c:make_connection(252)
50163099sp (64.240.101.48) couldn't find =
service c
[2003/09/20 05:33:05, 0] =
smbd/service.c:make_connection(252)
50163099sp (63.228.47.109) couldn't find =
service c
[2003/09/20 07:47:24, 0] =
smbd/service.c:make_connection(252)
50163099sp (217.165.111.229) couldn't find =
service c
[2003/09/20 08:12:33, 0] =
smbd/service.c:make_connection(252)
50163099sp (218.165.179.193) couldn't find =
service c
[2003/09/20 09:19:45, 0] =
smbd/service.c:make_connection(252)
50163099sp (211.135.145.96) couldn't find =
service c
[2003/09/21 00:40:43, 0] =
smbd/service.c:make_connection(252)
50163099sp (67.64.219.2) couldn't find service =
[2003/09/21 03:49:13, 0] =
smbd/service.c:make_connection(252)
50163099sp (61.220.40.23) couldn't find =
service c
[2003/09/21 04:26:23, 0] =
smbd/service.c:make_connection(252)
50163099sp (64.203.193.101) couldn't find =
service c
[2003/09/21 04:52:03, 0] =
smbd/service.c:make_connection(252)
50163099sp (61.231.201.122) couldn't find =
service c
[2003/09/21 05:16:21, 0] =
smbd/service.c:make_connection(252)
50163099sp (65.42.91.154) couldn't find =
service c
[2003/09/21 05:52:45, 0] =
smbd/service.c:make_connection(252)
50163099sp (67.113.53.93) couldn't find =
service c
[2003/09/21 10:41:08, 0] =
smbd/service.c:make_connection(252)
50163099sp (148.240.116.146) couldn't find =
service c
[2003/09/21 10:45:26, 0] =
smbd/service.c:make_connection(252)
50163099sp (218.167.184.48) couldn't find =
service c
[2003/09/21 11:29:38, 0] =
smbd/service.c:make_connection(252)
50163099sp (66.143.232.233) couldn't find =
service c
[2003/09/21 11:50:12, 0] =
smbd/service.c:make_connection(252)
50163099sp (218.168.59.240) couldn't find =
service c
[2003/09/21 14:11:37, 0] =
smbd/service.c:make_connection(252)
50163099sp (195.175.181.12) couldn't find =
service c
[2003/09/21 14:37:32, 0] =
smbd/service.c:make_connection(252)
50163099sp (218.214.9.46) couldn't find =
service c
[2003/09/21 14:40:00, 0] =
smbd/service.c:make_connection(252)
50163099sp (82.64.242.230) couldn't find =
service c
A config mam taki (ustawiony na sieć lokalną - tak =
mi się zdaje):
[global]
log file =
= /var/log/samba.%m
load =
printers = yes
socket =
options = TCP_NODELAY
interfaces =
= 192.168.1.1/255.255.255.0
encrypt =
passwords = yes
wins =
support = true
dns proxy =
= no
netbios =
name = Blizzard
server =
string = Home Server
path = =
/var/share
default =
= global
workgroup =
= HOME
os level =
= 20
security =
= user
max log =
size = 50
ssl ca =
[homes]
comment = Home Directories
browseable = no
writable = yes
[www]
writeable =
= yes
path = =
/var/www/htdocs
Czy jeśli w konfigu dla samby zaznaczone jest że = ma działać na interfejsie od sieci lokalnej to mimo to można ją = z Internetu wyniuchać?
Received on Sat Feb 21 03:44:20 2004