Re: [vox-tech] Samba and network stuff

[Henry House <hajhouse@houMAPSseag.com>]

On Wed, Mar 14, 2001 at 02:38:59PM -0800, pblickiss@ucdavis.edu wrote:
> Has anyone set up Samba 2.2 or Samba TNG as a domain controller?  I'm setting 
> up a network consisting of a linux gateway, two Win2k boxes, and Win9x box and 
> various other stuff (maybe a RAID server if I can dig up the drives) and I'd 
> also like to run a webserver just for the practice.  This'll all be on a 
> network where you're supposed to purchase one connection per computer, now 
> obviously, I don't want to pay for that many connections when I can just pay 
> for one and MASQ it.  Any tips on how to set this up?  Do I even need a domain 
> controller.  What security risks am I taking?  Am I insane for taking this on 
> in the first place?  Also, how can I make sure that the sysadmin for the 
> network only thinks I have one cmputer connected instead of six? :)  We have 
> unlimited data transfer but the line is capped at one of three speeds based on 
> how much I want to shell out.  Thanks for the help.

I'm a little fuzzy on your goals. I assume you want all networked machines to
have net access. Do you want other machines outside of your masqueraded net
to have access to your SMB shares, or are the SMB shares just for the 3 win
boxes inside the MASQd net?

It is a very bad idea security-wise to have SMB shares accessible to the net
at large. It you want the world to have acces to your files, just use a web
server. If you want your internal MASQd machines to have SMB access, be sure
to firewall the SMB ports to the net. I will gladly send you my simple
firewall script (not updated for Linux 2.4, alas) upon request.

-- 
Henry House
OpenPGP key available from http://hajhouse.org/hajhouse.asc