![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
how to better secure smb share from linux to windows
- Thread starter umcpgrad
- Start date
Lord Nassirbannipal
[H]ard|Gawd
- Joined
- Apr 1, 2005
- Messages
- 1,155
Yeah, you can use the smb.conf file to restrict access by IP address, and you can also use it to limit access to the shares to only certain users and groups.
You can limit by IP to the share either globally or on a share basis.
For example, to allow only the 192.168.0.0/24 network access to my 'stuff' folder this would do it:
I wouldn't recommend using /etc/hosts.allow for restrictions to smb.
For example, to allow only the 192.168.0.0/24 network access to my 'stuff' folder this would do it:
Code:
[stuff]
path = /stuff
writable = yes
hosts allow = 192.168.0.I wouldn't recommend using /etc/hosts.allow for restrictions to smb.
Lord Nassirbannipal
[H]ard|Gawd
- Joined
- Apr 1, 2005
- Messages
- 1,155
Share settings.
Mackintire
2[H]4U
- Joined
- Jun 28, 2004
- Messages
- 2,986
I read an interesting way to gain Windows control over files on a linux share recently. Specifically on a linux based NAS that did not have good controls.
Install truecrypt on the windows PC. Create an encrypted large virtual volume file (as large as you need, in my case 750GB) on the linux share that has access limited to the administrator and the windows computer with the virtual volume . Mount the volume in windows as a local drive. Apply NTFS permissions as necessary. The file decryption occurs in RAM so the performance hit is rather very small.
For all purposes you can treat the encrypted volume as a local drive. Think of it as a poor mans iSCSI for devices that don't support iSCSI.
As long as you have the truecrypt password for the volume you can always access that volume from another machine or even a portable version of truecrypt on a flash drive.
Install truecrypt on the windows PC. Create an encrypted large virtual volume file (as large as you need, in my case 750GB) on the linux share that has access limited to the administrator and the windows computer with the virtual volume . Mount the volume in windows as a local drive. Apply NTFS permissions as necessary. The file decryption occurs in RAM so the performance hit is rather very small.
For all purposes you can treat the encrypted volume as a local drive. Think of it as a poor mans iSCSI for devices that don't support iSCSI.
As long as you have the truecrypt password for the volume you can always access that volume from another machine or even a portable version of truecrypt on a flash drive.