Collaborate Disseminate
IDaaS, otherwise known as Identity-as-a-Service, is one of the hottest categories in the identity and access management market. With all of that activity, it also means that the IDaaS space…
The post IDaaS Capability to Support Samba File Servers app… Continue reading IDaaS Capability to Support Samba File Servers
Can you manage on-prem Samba file server access from the cloud? This is a question that many IT admins are asking as they look to shift more of their infrastructure…
The post Manage Samba File Server Access from the Cloud appeared first on JumpCloud…. Continue reading Manage Samba File Server Access from the Cloud
Network attached storage (NAS) devices from Synology, QNAP, and FreeNAS, among many others, are a popular choice for on-prem storage. These NAS devices are cost-effective and easy to implement. But…
The post LDAP Authentication for NAS Devices appear… Continue reading LDAP Authentication for NAS Devices
A core part of any identity management strategy is connecting users to the IT resources that they need. This role can include both physical and virtual file storage systems. A…
The post Identity Management Function Samba File Server Support appeared … Continue reading Identity Management Function Samba File Server Support
Samba file servers are a popular option for cost-effective on-prem storage. These file servers can be created with the open source Samba platform, or purchased as NAS (network attached storage)…
The post LDAP Authentication for Samba File Servers app… Continue reading LDAP Authentication for Samba File Servers
A key part of the IT infrastructure is access to files and data. With digital assets becoming more important every day, and more breaches of critical data occurring every year,…
The post Cloud IAM Feature: Access to Files and Data appeared first on J… Continue reading Cloud IAM Feature: Access to Files and Data
Samba released three security updates, including two related to SMB connections that could be abused by an attacker already on the network to hijack connections and manipulate traffic or data sent from a client. Continue reading Samba Update Patches Two SMB-Related MiTM Bugs
A long-standing bug in the network authentication protocol called Kerberos led to a security hole in Windows, Linux and more. Continue reading Windows security hole – the “Orpheus’ Lyre” attack explained
Vuln hit “all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos.” Continue reading Samba puts out new security update to address exploit that fueled WannaCry
Suppose I have several machines both Linux and Windows I want to connect to each other for file-sharing. Now I use mount -cifs command with vers=3.0 clause to access Windows shares from my Linux machines
mount -t cifs -o credentials=/etc/credentials.cred,vers=3.0,uid=1000,gid=1000 //192.168.137.1/folder /media/folder
and I also use standard Windows SMB/CIFS functionality to access Linux shares from Windows 10. What bothers me is the efficiency of such configuration.
I know that I can utilize encryption and signing in Windows, e.g. via Set-SmbServerConfiguration –RejectUnencryptedAccess $false, and I also know I can do this in Linux via smb.conf.
The question is: what is the most secure way to organize dual-way Samba sharing between Linux and Windows? Should I set up Linux as a server and Windows as client or vice versa?
It bothers me because of recent ransomware epidemic and impossibility to prohibit SMBv1 in Windows in such mixed heterogeneous landscape. When I turn off SMB/CIFS like this, my Linux boxes cannot access Windows boxes anymore.
Continue reading SMB/CIFS security in heterogeneous environment
