Anyone have opinions on samba being installed and used? A few customers have requested it, and I've looked it over ... I'm a bit leery of it to say the least. Anyone ever used it on a production server?
Curious as to why a Customer would need this? One does not generally put things like Samba on a production server for security reasons.
Which is exactly what I was thinking. It boils down to this: I have a reseller that targets his local businesses. He handles every aspect of their sites for them, they have no idea that they have CPanel access or anything else. As it turns out, he's too lazy to use FTP. Go figure. Anyway, after talking to several people, I've decided that my initial reservations were well founded and it won't be installed.
Samba runs very well on a Cpanel server. I have samba installed on one of our servers, however this server is behind a very restrictive firewall and we use it as a file server for our internal operations, it turns out that we also run Cpanel there for testing and development purposes. I would never ever recommend though to install samba on a production server specially if the server is not protected by a firewall.
It is not safe and secure to install Samba on any production server which is accessible through the Internet, whether you have firewall or not on that server. For Intranets, which have access to the Internet you have to make a [b:b0cb86200d]DMZ[/b:b0cb86200d].
Not true if the clients that access samba are also behind the firewall and the firewall does not allow ANYTHING in whatsoever unless the request originates from the inside
[quote:c9bf98ff5b][i:c9bf98ff5b]Originally posted by itf[/i:c9bf98ff5b] It is not safe and secure to install Samba on any production server which is accessible through the Internet, whether you have firewall or not on that server. For Intranets, which have access to the Internet you have to make a [b:c9bf98ff5b]DMZ[/b:c9bf98ff5b].[/quote:c9bf98ff5b] [quote:c9bf98ff5b][i:c9bf98ff5b]Originally posted by bert[/i:c9bf98ff5b] Not true if the clients that access samba are also behind the firewall and the firewall does not allow ANYTHING in whatsoever unless the request originates from the inside [/quote:c9bf98ff5b] bert, It seems that you are not an expert in network security before writing what is true or not make sure that you know the case completely In computer networks, a DMZ (demilitarized zone) is a computer host or small network inserted as a &neutral zone& between a company's private network and the outside public network. It prevents outside users from getting direct access to a server that has company data. (The term comes from the geographic buffer zone that was set up between North Korea and South Korea following the UN &police action& in the early 1950s.) A DMZ is an optional and more secure approach to a firewall and effectively acts as a proxy server as well. In a typical DMZ configuration for a small company, a separate computer (or host in network terms) receives requests from users within the private network for access to Web sites or other companies accessible on the public network. The DMZ host then initiates sessions for these requests on the public network. However, the DMZ host is not able to initiate a session back into the private network. It can only forward packets that have already been requested. Users of the public network outside the company can access only the DMZ host. The DMZ may typically also have the company's Web pages so these could be served to the outside world. However, the DMZ provides access to no other company data. In the event that an outside user penetrated the DMZ host's security, the Web pages might be corrupted but no other company information would be exposed. Cisco, the leading maker of routers, is one company that sells products designed for setting up a DMZ.