Firewall security: Problems with simple Samba file share 3591

Yes - but the holes might be slim. IOW: They might only allow certain subnets through.

Yes, it does. It limits the range of hosts that can successfully connect.

Wrong. See above.

Yes, but maybe only "tiny" holes. Eg. I know that I'll never go to China. Why allow connects from "chinese IP blocks" to my SSH server? Sure, there's a huge hole in the (possible) packet filter setup to allow connects from all the "german IPs". But that hole might still protect me.

And if not - who cares? There are more layers.

So?

Ah, that's what your geting at. Your at the all or nothing scenario. Yes, in that case a f-w will not help. But that's not what Tony is talking about.

They'd be using a packet filter? Interesting.

*LOL*

Again: Bullpoo. SSH (or any other service) is there to provide service to clients that are allowed to connect to it. No Chinese will ever be allowed access to my SSH server.

SSH is (on my servers) NOT for *EVERYBODY*.

No, buggy software with remote exploits is *NOT* a Windows problem. It's a universal problem, totally OS independant.

Alexander Skwar -- Marry in haste and everyone starts counting the months.