[WLUG] Fwd: Samba security
Jim Irrer
irrer at umich.edu
Thu Nov 2 10:10:11 EDT 2017
I had not thought of that - simple and elegant!
I doubt that it does support multiple protocols, but I'll pursue it with
our storage group.
Thanks,
- Jim
Jim Irrer irrer at umich.edu (734) 647-4409
University of Michigan Hospital Radiation Oncology
519 W. William St. Ann Arbor, MI 48103-4943
On Tue, Oct 31, 2017 at 7:17 PM, lanewhoy <lanewhoy at gmail.com> wrote:
> Does your new environment provide storage off of NAS appliance systems
> that support multiple protocols? Using a common appliance that the Windows
> systems see as CIFS and the linux systems see as NFS or CIFS, and the
> security people see as a black box may be the best way to make everyone
> happy
>
> Lane Hoy
>
>
>
> Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone
>
> -------- Original message --------
> From: Jim Irrer <irrer at umich.edu>
> Date: 10/30/17 12:57 (GMT-05:00)
> To: "Washtenaw Linux Users Group (WLUG)" <washlug at washlug.org>
> Subject: [WLUG] Fwd: Samba security
>
> The input is much appreciated!
>
> It sounds like an up to date Samba server is as secure as a Windows file
> server.
>
> Next time I talk to the IT people I plan to press for details regarding
> their Samba security concerns.
>
> I also thought that encrypting network traffic would be a good idea.
> There are a few different avenues I need check out.
>
> Thanks,
>
> - Jim
>
> Jim Irrer irrer at umich.edu (734) 647-4409
> University of Michigan Hospital Radiation Oncology
> 519 W. William St. Ann Arbor, MI 48103-4943
>
> ---------- Forwarded message ----------
> From: Jeff Hanson <jhansonxi at gmail.com>
> Date: Sun, Oct 29, 2017 at 2:26 PM
> Subject: Re: [WLUG] Samba security
> To: "Washtenaw Linux Users Group (WLUG)" <washlug at washlug.org>
>
>
> I suggest using network encryption and virtual LANs to isolate
> unauthenticated systems. I've never did it on my last IT job years ago but
> was something I looked into.
>
> On my home network I've mostly switched to sshfs with keys.
>
> On Sun, Oct 29, 2017 at 11:13 AM, Jim Irrer <irrer at umich.edu> wrote:
>
>> I'm looking for advice and opinions. Our department is migrating our
>> Linux servers, which are running Samba, to a centranlized server farm. On
>> a previous conference call they said that they had security concerns about
>> running Samba. The call discussed a lot of topics so we did not go into
>> detail.
>>
>> I have another conference scheduled with them and intend to drill into
>> this deeper. So my question is, are there legitimate concerns in this
>> regard? We will only be exposing Samba on UM's hospital network, and it
>> seems like a lot of the risk could be mitigated by using firewalls to limit
>> access to a small set of machines. It would also seem that Samba is just
>> an implementation of Windows SMB, and if that is already being commonly
>> used, then why pick on Samba?
>>
>> Any input would be appreciated!
>>
>> Thanks - Jim
>>
>> --
>> Thanks,
>>
>> - Jim
>>
>> Jim Irrer irrer at umich.edu (734) 647-4409
>> University of Michigan Hospital Radiation Oncology
>> 519 W. William St. Ann Arbor, MI 48103-4943
>>
>> ______________________________________________________
>> washlug mailing list washlug web site
>> washlug at washlug.org www.washlug.org
>> http://linux.marcdatabase.com/mailman/listinfo/washlug
>>
>>
>
> ______________________________________________________
> washlug mailing list washlug web site
> washlug at washlug.org www.washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>
>
>
> ______________________________________________________
> washlug mailing list washlug web site
> washlug at washlug.org www.washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linux.marcdatabase.com/pipermail/washlug/attachments/20171102/4f6d7997/attachment.html>
More information about the washlug
mailing list