Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: cubique on April 17, 2007, 03:53:11 PM
-
:!:I've search the forum for hours to find a problem/response for an issue like mine, I couldn't find anything related to this so I've posted new topic;
----------------
I have an SME 7.1.3 as dedicated server+gateway installed on my lan, which act as a gateway and also PDC for rest of us; all around we are working with WinXP Pro.
I don't know exactly what is happening, but it seems that in Network Neighbourhood (aka My Network Places) I can see my domain name (inside all workstations authetificated on PDC), but also I can see another 7 domains/workgroups and I don't know nothing about them (for sure are distinct local networks which belongs to the same ISP I using for my net connection).
I believe that this is because NetBios , port 137-139; I've done a Online Security Check (from symantec.com), they are not able to see my 137-139 ports opened but Symantec says that they could find my domain/gateway names as exposed by netbios (the values presented by them are correct)
:?: What is wrong with my SME configuration? (btw: I've done no customization, I've not altered no configuration to iptables or other table)
Any suggestion would be appreciated.
Best rgds,
Eugen
-
I know this is a dumb question, but when I set mine up, I had a heck of a time figuring out which ethernet card was the outside world, and which the inside.
You sure you got the connections right?
david
-
Maybe not a dumb question,I've ask myself that too then I've done an experiment:
- I've said: if I switched the (net) cords between (lan/wan) cards it means that the card configured as 192.168.2.1 is plugged in the WAN cord and viceversa, the card configured as 82.x.x.x is plugged in the LAN cord
- first of all: does my ISP allow me to coonect his network as 192.168.2.1? I guess not; second: if let's suppose my ISP allows me, how can others see my gw from outside when they access 82.x.x.x ?
- btw: I've switched the cords between cards and then there is no WAN connection ;)
but the question is very legitime, because lot of time I was wondering that too;
Any other ideea/suggestions?
Thx in advance,
Eugen
-
Hi, I know this is not going to directly solve your problem, but think about NOT having the PDC as server/gateway.
Can you get hold of another less powerful (but not totally decrepit) PC and use it as your firewall/gateway?
I make this suggestion only because I have an aversion to having the core unit of my network double up as the entry point for the Internet. Firewalls can be rebuilt in 1/2 an hour. Servers (especially PDCs) take much longer.
I have been using IPCOP for 3 years, which runs well on a 400MHz PC with 256 Mb RAM. Actually, yesterday I replaced it with SME Server/Gateway just to compare .... and to simplify administration.
Have you perhaps allowed some mapping of ports on your modem/router to your PDC Server/Gateway?
Cheers
Ian
-
Interesting, but the behaviour I've described is the result of Samba that in SME 7 enable by default the Wins resolution (maybe to provide names resolution for pre-Windows 2000 clients);
well, just set:
wins support = no
bind interfaces only = yes
in /etc/samba/smb.conf and the problem gone!
..more options to setup the samba to be a safe service can find at:
http://www.faqs.org/docs/securing/chap29sec284.html