From owner-freebsd-ipfw Sat Jan 15 18:22:48 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from altair.origenbio.com (altair.origenbio.com [216.30.62.130]) by hub.freebsd.org (Postfix) with ESMTP id EF3DB14C91 for ; Sat, 15 Jan 2000 18:22:38 -0800 (PST) (envelope-from dmartin@origen.com) Received: from origen.com (dubhe.origen [192.168.0.5]) by altair.origenbio.com (8.9.3/8.9.3) with ESMTP id UAA32141; Sat, 15 Jan 2000 20:22:03 -0600 (CST) (envelope-from dmartin@origen.com) Message-ID: <38812B16.6431C8FE@origen.com> Date: Sat, 15 Jan 2000 20:21:10 -0600 From: Richard Martin X-Mailer: Mozilla 4.6 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: cjclark@home.com Cc: Olaf Hoyer , freebsd-ipfw@FreeBSD.ORG Subject: Re: Simple router with basic firewall functionalioties References: <200001160119.UAA53469@cc942873-a.ewndsr1.nj.home.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > I also thought about a SAMBA server, to ensure compatibility to exchanga > > data with the M$ machines running here. Any security issues? > > If you run Samba servers, yes. But... It would be a VERY good idea to block any samba traffic directed in from the Internet. From my firewall logs, the top three types of probes we get are: SunRPC (port 111) Samba (137,138) and PCanywhere (5632) Samba is a very chatty protocol which will propagate to the edge of the Internet if allowed. Let a broadcast get out and you can expect to receive a friendly reply... Be sure the other services are turned off if you do not specifically need them. > > > Is it also possible to Send/receive the "messenging service" of NT, > > respective the "Popups"? Do you mean the AOL messenger service? I think that comes in as POP traffic. Just 'allow' traffic on that port thru from the Internet. -- Richard Martin dmartin@origen.com OriGen Biomedical Tel: +1 512 474 7278 2525 Hartford Rd. Fax: +1 512 708 8522 Austin, TX 78703 http://www.formed.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message