How To Secure Samba NMBD/SMBD to bind to a specific IP address -

How To Secure Samba NMBD/SMBD to bind to a specific IP address

By default Samba SMB/NMB listen on ANY and ALL IPs on your system by binding to 0.0.0.0.  Obviously this is a huge security risk if you have a public facing server with both internal and external access.  Usually when a system administrator sets up a samba server their intention is just to share with a LAN.

To do this you need to the following options under the [global] section in smb.conf

bind interfaces only = yes
interfaces = 192.168.1.10
hosts allow = 192.168.1.

The "bind interfaces only" tells Samba to only bind to the IP specified under "interfaces".

hosts allow is there for good measure (normally hosts allow will the only thing stopping people from the outside from accessing your samba server).  The safest way of course is to firewall on the public WAN side and to not bind to any interface or IP that you don't want to have access.

 


  • sign_and_send_pubkey: signing failed: agent refused operation - SSH Solution
  • Centos PXEBoot NetInstall Failure - Pane is dead
  • Intel NUC J3455 Linux Kernel freeze slowness 4.4.98 errors
  • named[1525]: error (broken trust chain) resolving 'min-api.cryptocompare.com/A/IN': 173.245.58.78#53 solution
  • Linux Ubuntu Mint Debian cannot play xvid,x264,mp4 or any videos codec issue - xplayer Could not initialize supporting library.
  • wget howto output to terminal or script instead of file
  • imagemagick convert to chop off top of image
  • How To Set or Change Useragent in Firefox and Seamonkey
  • How To Turn Any .iso file into a bootable USB drive
  • Linux Mint Ubuntu Debian How To Disable Webcam Automatically Onboot To Prevent Spying and Privacy Violations
  • IcedTea Java Web Viewer Config Utility How To Enter
  • Debian Linux Mint Ubuntu Disable Automatic apt-get update
  • How To Install Seamonkey Web Browser on Debian Ubuntu Linux Mint
  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication
  • SMF Forums / Simple Machines Forums Not Displaying Images Theme or Styles Properly using 127.0.0.1
  • solution mysqldump: Got error: 1044: Access denied for user 'user'@'localhost' to database 'thedb' when using LOCK TABLES
  • MySQL How To Grant Access To ALL Databases For Export and Backup Purposes
  • mdadm how to stop or start a check
  • vzquota : (error) Quota on syscall for id 4532: No such file or directory vzquota on failed [3] OpenVZ Error and Solution
  • Apache htaccess Custom ErrorDocument not working properly for root home page 403 Error Issue and Solution