[ SlackList ] [ WkikiSlack ]


Re: samba

From: Radoslaw Czyzewski <morgor@wp.pl>
Date: Mon Sep 22 2003 - 22:36:45 CEST
[slacklist] Re: samba

On Mon, 22 Sep 2003 17:23:19 +0200
"Wojciech Potyka" = <wojtek@netprovidence.com> wrote:

>
> Witam
>
> znalazlem ostatnio cos takiego w logach = samby:
>
> [2003/09/21 05:36:33, 1] = smbd/process.c:process_smb(839)
>   Connection denied from = 213.22.140.213
> [2003/09/21 09:40:18, 0] = lib/access.c:check_access(333)
>   Denied connection from  = (213.22.13.28)
> [2003/09/21 09:40:18, 1] = smbd/process.c:process_smb(839)
>   Connection denied from = 213.22.13.28
> [2003/09/21 09:44:12, 0] = lib/access.c:check_access(333)
>   Denied connection from  = (213.22.13.28)
>
> Tyle ze uzywam firewalla  i wydaje mi sie = ze ludzie z zewnatrz nie powinni dzieki niemu widziec samby.
>
> Ponizej moje regulki firewalla?
>
> iptables -P INPUT DROP
>
> iptables -A INPUT -p tcp --dport 137 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 137 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p tcp --dport 138 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 138 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p tcp --dport 139 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> iptables -A INPUT -p udp --dport 139 -s = 192.168.1.0/24 -i eth0 -j ACCEPT
> (oczywiscie 192... to moja siec ktora sambe = widziec powinna)
>
> Co  jest nie tak a moze ja cos zle rozumie = ?
>
> Pozdrawiam Wojtek

>

A ja nie mam firewalla i też takie cosik mam w = logach.
Do tego mam logi z jakimiś rozszerzeniami = (/var/log/):
 132135 -rw-r--r--    1 = root     = root         2399 Sep 21 14:40 = samba.50163099sp
 131515 -rw-r--r--    1 = root     = root         2379 Sep 21 14:09 = samba.alevrius_
 132131 -rw-r--r--    1 = root     = root         3144 Sep 20 23:06 = samba.badcat
 132130 -rw-r--r--    1 = root     = root         4107 Sep 21 14:18 = samba.gustavo
 132134 -rw-r--r--    1 = root     = root         6899 Sep 21 14:44 = samba.localhost
 132249 -rw-r--r--    1 = root     = root            0 = Sep 21 13:28 samba.lv
 131970 -rw-r--r--    1 = root     = root          455 Sep 21 = 03:11 samba.momerdadd
 132133 -rw-r--r--    1 = root     = root         3507 Sep 21 13:35 = samba.rampeiras
 132211 -rw-r--r--    1 = root     = root          799 Sep 21 = 13:53 samba.shitbanda
 132129 -rw-r--r--    1 = root     = root        11722 Sep 20 22:59 = samba.smbd
 132241 -rw-r--r--    1 = root     = root          457 Sep 21 = 08:58 samba.talentoaa

Zawartość pierwszego przedstawia się = następująco:
[2003/09/19 21:33:38, 0] = smbd/service.c:make_connection(252)
  50163099sp (80.14.108.211) couldn't find = service c
[2003/09/19 23:10:04, 0] = smbd/service.c:make_connection(252)
  50163099sp (68.155.54.80) couldn't find = service c
[2003/09/19 23:21:22, 0] = smbd/service.c:make_connection(252)
  50163099sp (201.128.1.12) couldn't find = service c
[2003/09/20 00:28:11, 0] = smbd/service.c:make_connection(252)
  50163099sp (64.240.101.48) couldn't find = service c
[2003/09/20 05:33:05, 0] = smbd/service.c:make_connection(252)
  50163099sp (63.228.47.109) couldn't find = service c
[2003/09/20 07:47:24, 0] = smbd/service.c:make_connection(252)
  50163099sp (217.165.111.229) couldn't find = service c
[2003/09/20 08:12:33, 0] = smbd/service.c:make_connection(252)
  50163099sp (218.165.179.193) couldn't find = service c
[2003/09/20 09:19:45, 0] = smbd/service.c:make_connection(252)
  50163099sp (211.135.145.96) couldn't find = service c
[2003/09/21 00:40:43, 0] = smbd/service.c:make_connection(252)
  50163099sp (67.64.219.2) couldn't find service =
[2003/09/21 03:49:13, 0] = smbd/service.c:make_connection(252)
  50163099sp (61.220.40.23) couldn't find = service c
[2003/09/21 04:26:23, 0] = smbd/service.c:make_connection(252)
  50163099sp (64.203.193.101) couldn't find = service c
[2003/09/21 04:52:03, 0] = smbd/service.c:make_connection(252)
  50163099sp (61.231.201.122) couldn't find = service c
[2003/09/21 05:16:21, 0] = smbd/service.c:make_connection(252)
  50163099sp (65.42.91.154) couldn't find = service c
[2003/09/21 05:52:45, 0] = smbd/service.c:make_connection(252)
  50163099sp (67.113.53.93) couldn't find = service c
[2003/09/21 10:41:08, 0] = smbd/service.c:make_connection(252)
  50163099sp (148.240.116.146) couldn't find = service c
[2003/09/21 10:45:26, 0] = smbd/service.c:make_connection(252)
  50163099sp (218.167.184.48) couldn't find = service c
[2003/09/21 11:29:38, 0] = smbd/service.c:make_connection(252)
  50163099sp (66.143.232.233) couldn't find = service c
[2003/09/21 11:50:12, 0] = smbd/service.c:make_connection(252)
  50163099sp (218.168.59.240) couldn't find = service c
[2003/09/21 14:11:37, 0] = smbd/service.c:make_connection(252)
  50163099sp (195.175.181.12) couldn't find = service c
[2003/09/21 14:37:32, 0] = smbd/service.c:make_connection(252)
  50163099sp (218.214.9.46) couldn't find = service c
[2003/09/21 14:40:00, 0] = smbd/service.c:make_connection(252)
  50163099sp (82.64.242.230) couldn't find = service c

A config mam taki (ustawiony na sieć lokalną - tak = mi się zdaje):
[global]
        log file = = /var/log/samba.%m
        load = printers = yes
        socket = options = TCP_NODELAY
        interfaces = = 192.168.1.1/255.255.255.0
        encrypt = passwords = yes
        wins = support = true
        dns proxy = = no
        netbios = name = Blizzard
        server = string = Home Server
        path = = /var/share
        default = = global
        workgroup = = HOME
        os level = = 20
        security = = user
        max log = size = 50
        ssl ca =

[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[www]
        writeable = = yes
        path = = /var/www/htdocs

Czy jeśli w konfigu dla samby zaznaczone jest że = ma działać na interfejsie od sieci lokalnej to mimo to można ją = z Internetu wyniuchać?

Received on Sat Feb 21 03:44:20 2004
This archive was generated by hypermail 2.1.8. Wyprawa Shackleton 2014