From owner-freebsd-questions@FreeBSD.ORG  Mon Apr 12 12:14:53 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D787F16A4CE
	for <freebsd-questions@FreeBSD.ORG>;
	Mon, 12 Apr 2004 12:14:53 -0700 (PDT)
Received: from out005.verizon.net (out005pub.verizon.net [206.46.170.143])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 67BAD43D1F
	for <freebsd-questions@FreeBSD.ORG>;
	Mon, 12 Apr 2004 12:14:53 -0700 (PDT)	(envelope-from cswiger@mac.com)
Received: from mac.com ([68.160.247.127]) by out005.verizon.net
          (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP
          id <20040412191452.KQCT2677.out005.verizon.net@mac.com>;
          Mon, 12 Apr 2004 14:14:52 -0500
Message-ID: <407AEA88.90401@mac.com>
Date: Mon, 12 Apr 2004 15:14:16 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7b) Gecko/20040316
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Bart Silverstrim <bsilver@chrononomicon.com>
References: <E6F31F15-8954-11D8-A222-000A956D2452@chrononomicon.com>
In-Reply-To: <E6F31F15-8954-11D8-A222-000A956D2452@chrononomicon.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out005.verizon.net from
	[68.160.247.127] at Mon, 12 Apr 2004 14:14:52 -0500
cc: FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject: Re: OS X and FreeBSD: What could be a good setup
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Apr 2004 19:14:53 -0000

Bart Silverstrim wrote:
[ ... ]
> I'm looking at using FreeBSD on a server (web, mail, file server) with 
> OS X, Windows, and probably Linux clients.  I'd like the FreeBSD server 
> to handle authentication, but that may be a pipe dream to accomplish 
> across platforms easily :-/

LDAP would be the way to go given the platforms you mention, although NIS 
would work for everything but Windows and would be much easier to set up.

[ ... ]
> That would leave SMB/CIFS, meaning SAMBA, but I haven't found anyone 
> able to tell me if CIFS is secure "over the wire".  I seem to recall a 
> utility that would sniff network packets and if NFS is used, it can 
> capture the files as they're travelling over the network; can this 
> happen with CIFS?

Oh, yes: unless you use an encrypted tunnelling protocol like a VPN or an SSH 
tunnel, pretty much all filesharing protocols are vulnerable to subnet-local 
sniffing.  Using strong encryption when using wireless is a fine idea.  :-)

SMB/CIFS is a reasonably good choice of filesharing protocol if you're dealing 
with Windows or Mac systems using HFS+ due to case-insensitivity.  For a 
pure-Unix setup, NFS (or NFS+NIS) would be a better choice.  Modern Unices 
handle SMB about as well as they handle NFS.

-- 
-Chuck