joe.ward@us.schneider-electric.com
2005-Apr-27 02:56 UTC
[Samba] SAMBA 2.0.7 on Solaris 9 - How to disable port 445
I have SAMBA 2.0.7 running on about 20 Solaris 9 servers around the US. One location is experiencing interruptions for Windows XP clients who map to the SAMBA server. There are no known changes to Solaris or SAMBA to explain the change. The problem is very random. I have seen postings that discuss how XP uses ports 139 and 445. Is there a way to block port 445 in SAMBA 2.0.7? The "smb ports" configuration file entry is invalid for 2.0.7. I tried "smb -p 139 - D" and there is still traffic on port 445. Is there a way to block all TCP port 445 activity on the server side without having to learn SunScreen? Any suggestions will be most appreciated. Joe Ward joe.ward@us.schneider-electric.com
Michal Kurowski
2005-Apr-27 03:08 UTC
[Samba] Re: SAMBA 2.0.7 on Solaris 9 - How to disable port 445
joe.ward@us.schneider-electric.com [joe.ward@us.schneider-electric.com] wrote:> > Is there a way to block all TCP port 445 activity on the server side > without having to learn SunScreen?Two options: 1) upgrade to samba 3 (I know, might not be feasible but eventually you will have to that ;-) 2) make use of some other firewalls (should be there, somewhere ?) HTH -- Michal Kurowski <mkur@poczta.gazeta.pl>
John H Terpstra
2005-Apr-27 03:18 UTC
[Samba] SAMBA 2.0.7 on Solaris 9 - How to disable port 445
On Tuesday 26 April 2005 20:56, joe.ward@us.schneider-electric.com wrote:> I have SAMBA 2.0.7 running on about 20 Solaris 9 servers around the US. > One location is experiencing interruptions for Windows XP clients who map > to the SAMBA server. There are no known changes to Solaris or SAMBA to > explain the change. > > The problem is very random. I have seen postings that discuss how XP uses > ports 139 and 445. Is there a way to block port 445 in SAMBA 2.0.7? The > "smb ports" configuration file entry is invalid for 2.0.7. I tried "smb > -p 139 - D" and there is still traffic on port 445.No need to. Samba-2.x does not support port 445 afaicr.> > Is there a way to block all TCP port 445 activity on the server side > without having to learn SunScreen?Not needed if it is inactive.> > Any suggestions will be most appreciated.Best suggestion is to update to Samba-3.0.14a. Please let me know if you need help. You can contact me on (801) 936-1368. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production.