homepage Welcome to WebmasterWorld Guest from 54.167.249.155
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Samba over the internet
Nutter




msg:914101
 1:44 am on Mar 21, 2006 (gmt 0)

I'm trying to set up a Samba server so that it can be accessed via internet from a WinXP machine. I can connect from an XP machine on the same network, but cannot from outside. Any suggestions as to what to try?

 

webdoctor




msg:914102
 2:00 pm on Mar 21, 2006 (gmt 0)

Is there a firewall between the machines?

Are you trying to access the server by name or by ip address (\\a.b.c.d\sharename or \\hostname\sharename)?

Nutter




msg:914103
 2:30 pm on Mar 21, 2006 (gmt 0)

Neither name nor ip address works. Win explorer sits and hums for a while and then tells me that it can't be found. There is a router, but the server is listed as the DMZ for that router and I can connect to other things on that server - SSH, RSYNC, Webmin, FTP, HTTPD (before I turned it off).

webdoctor




msg:914104
 2:53 pm on Mar 21, 2006 (gmt 0)

Can you view the shares on the Samba server? (net view \\a.b.c.d)?

Is authentication required for connections? Have you tried turning this off in smb.conf to see if it makes any difference? ("Public = yes", in which case "Read only = yes", and having only a dummy share configured might be a good idea from a security PoV)

Have you looked in the Samba log files to see if it shows anything? You can turn up the logging in smb.conf using the "log level = X" entry, where X goes from 0 to 10.

Is there a firewall of any kind on the box running Samba? Are you using hosts.allow and/or hosts.deny?

Did you compile Samba yourself, or was a prebuilt version supplied with the *nix distribution?

If you're on a broadband connection, it's possible that your ISP may be blocking certain ports (137-139 and 445 are the ones to check).

Finally, have you tried putting a Windows box (XP or Server) in place of the Samba server and seeing if you can connect to that?

Nutter




msg:914105
 2:56 pm on Mar 21, 2006 (gmt 0)

Thanks for putting a list of things to check in one place. I've been looking all over the internet and have been trying things fairly sporadically.

I am using the Samba that came with the distribution, I didn't compile it myself.

How can I check to see if those port are blocked? If they are, how can I change what ports are used?

webdoctor




msg:914106
 4:47 pm on Mar 21, 2006 (gmt 0)

How can I check to see if those port are blocked?

Make sure you Samba server is up and running, then request a full port scan from somewhere like GRC's Shields Up [grc.com]

If they are, how can I change what ports are used?

I could be wrong, but I don't think you can change this easily, since a remote Windows client has no means to specify the port when it is connecting. The client just does "net use \\a.b.c.d\share", there's no "net use \\a.b.c.d:<port>\share" syntax that I'm aware of.

If you need remote access to a Samba or Windows share, I think you should be looking at a VPN rather than exposing Samba/Windows shares directly to the internet. The ports in question (139 and 445) are very frequently probed/attacked - see DShield [dshield.org] for more info.

MattyMoose




msg:914107
 11:43 pm on Mar 23, 2006 (gmt 0)

Most likely your ISP is also blocking incoming port 139. There is no reason anymore for ISPs to permit that kind of traffic over its network. For example, I believe Telus in Canada started blocking port 139 sometime in 2004, to help prevent outbreaks of viruses and worms.

hope that saves you some trouble. You may want to look into other alternatives, maybe even something like tunnelling netbios through ssh? ( [lists.samba.org...] )

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved