Firewall security: Problems with simple Samba file share 3600

Peter T. Breuer

That's idiotic, sorry. *Some* exploits are discovered by white hats, reported privately, and yes, in that case the problem can be fixed before anyone else knows about it. That is not always the case, has not always been the case, and even where it has been, you have no butturance that the exploit hasn't been independently discovered by someone else either before or concurrent with the white hat reporting.

You aren't paying attention, are you? The firewall is allowing some access, but not all access. Therefor it can help protect in this situation.

Huh? A server is intended to do what its owner intends it to do.

That's exactly what we've been talking about here, in addition to accidental misconfiguration - which can happen to anyone, newbie or not.

Sigh.. again - it may not be safe by default. Round and round we go..

How do you know who was aware of the vulnerability or how long they were aware of it? Take the case of Ken's infamous root login hack.. unknown to anyone until he divulged it - or was it?

Yes, there I am. That proves my points, not yours!

-- Tony Lawrence