Government Security
Network Security Resources

Domain Member

4 replies to this topic

#1 cb122

cb122

    Private First Class

  • Members
  • 37 posts

Posted 29 March 2011 - 07:01 AM

If you join, say, a Red Hat Linux server to a domain predominantly occupied by Windows workstations / servers, is there any way, outside of password attacks, that an internal Windows user sat at their workstation can gain access to the Linux server's file system? In Windows, often some of the servers have open file shares that, if the user is on the ACL, they can mount and see what data they can get to. I wasn't sure on the rules and if similar may be a problem for the Linux server. As it's a different file system to NTFS I assume it's not this simple but worthwhile asking out...

#2 Jeremy

Jeremy

    Commander in Chief

  • Retired Admin
  • 2,459 posts

Posted 29 March 2011 - 07:47 AM

CIFS or SMB (file sharing) is the same on Windows as *nix. Look at what permissions are set up for the share (e.g. anonymous, everyone, named users, etc.) and then look at the ext3 permissions. It is the same concept as Windows, so if you don't see anonymous, guest or everyone accounts, then you need to look for password attacks (or people that just know passwords to named accounts that they shouldn't).

#3 cb122

cb122

    Private First Class

  • Members
  • 37 posts

Posted 29 March 2011 - 09:34 AM

Thanks, so Windows clients (workstations) in the domain can essentially read/write files for the Linux share(s)?

Any idea how to list all shares on a *nix server, and the ACL per share?

Do you know the default ACL for a new *nix share, and do they have the concept of "administrative shares"?

#4 bonarez

bonarez

    Retired GSO Second Lieutenant

  • Sergeant Major
  • 1,252 posts

Posted 29 March 2011 - 10:01 AM

> Thanks, so Windows clients (workstations) in the domain can essentially read/write files for the Linux share(s)?

If SMB is set up so they can write, sure they can write. They cannot, however, view Linux NFS shares with the built-in SMB/CIFS client.

> Any idea how to list all shares on a *nix server, and the ACL per share?

Best way imho is to look at the smb.conf file (/etc/smb/smb.conf), or you could use the command-line smbclient utility from another Linux client.

> Do you know the default ACL for a new *nix share, and do they have the concept of "administrative shares"?

Default ACL depends pretty much on what utility you've used to set it up. You can do it the hard way (edit smb.conf) or use a GUI that comes with your distro, or use Webmin in case of a server that does not run X at all.

Yes, you can set up administrative shares, but that is only effective on Windows clients. The only difference between admin shares and normal shares is the name (dollar at the end). Win clients interpret this as a 'hidden' share but Linux (Samba) does not see any difference. It is up to the client to show the shares or not.

ACL depends on two things: share permissions (set up in smb.conf) and the file permissions (NTFS on Win or EXT3/4 on Linux). Even when you open all share permissions you can still deny access on file permissions.
"Ask the right question and you will receive the right answer. I'm just very sensitive about the right syntax"

Read the rules before you post
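
The two layers described in the answer above (share permissions in smb.conf, then file permissions on the exported path) can be audited together. The following Python is an added example, not part of the original thread: it parses an smb.conf, resolves the Samba parameters `guest ok`/`public`, `read only`/`writable` and `valid users` against Samba's defaults (no guest access, read-only), and checks whether each share path is world-writable on disk. The sample configuration, its share names and paths, and the function names `audit_shares` and `_flag` are constructed for illustration.

```python
import configparser
import os
import stat

# Constructed sample smb.conf; share names and paths are made up.
SAMPLE_SMB_CONF = """\
[global]
workgroup = EXAMPLE
[public]
path = /srv/samba/public
guest ok = yes
writable = yes
[finance$]
path = /srv/samba/finance
valid users = @finance
read only = no
[docs]
path = /srv/samba/docs
"""
YES = {"yes", "true", "1"}

def _flag(sec, names, default, inverted=()):
    """Resolve a boolean parameter, honouring synonyms and inverted synonyms."""
    for key in (*names, *inverted):
        if key in sec:
            return (sec[key].strip().lower() in YES) != (key in inverted)
    return default

def audit_shares(conf_text):
    """Return {share: settings} covering the share layer and the filesystem layer."""
    # interpolation=None: Samba values may contain % variables such as %U.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    # Strip indentation so it is not parsed as a continuation line.
    cp.read_string("\n".join(line.strip() for line in conf_text.splitlines()))
    report = {}
    for name in (s for s in cp.sections() if s.lower() != "global"):
        sec = cp[name]
        path = sec.get("path", "")
        mode = os.stat(path).st_mode if os.path.isdir(path) else 0
        report[name] = {
            "path": path,
            "guest": _flag(sec, ("guest ok", "public"), False),
            "writable": _flag(sec, ("writable", "writeable", "write ok"), False, ("read only",)),
            "valid_users": sec.get("valid users", "").split(),
            "dollar_name": name.endswith("$"),  # per the thread: hidden by Windows clients only
            "fs_world_writable": bool(mode & stat.S_IWOTH),  # False if path is absent here
        }
    return report
```

On a live server, the text passed to `audit_shares` can be the output of `testparm -s`, which prints the configuration as Samba parsed it. A share that reports `guest` and `writable` together with `fs_world_writable` is open at both layers.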

#5 cb122

cb122

    Private First Class

  • Members
  • 37 posts

Posted 04 April 2011 - 03:30 AM

Thanks for the information.

What is the built-in SMB client on, say, an XP workstation? And what client would be required to view/read/write to Linux shares from an XP workstation?




