Samba NT4 PDC Port Usage: Difference between revisions
Mmuehlfeld (talk | contribs) (Split old Samba port usage into single page for each purpose) |
Mmuehlfeld (talk | contribs) m (Change netstat example) |
||
Line 11: | Line 11: | ||
You can use "netstat" to identify which ports Samba and related daemons are listening on and on which IPs: |
You can use "netstat" to identify which ports Samba and related daemons are listening on and on which IPs: |
||
# netstat -tulpn | egrep " |
# netstat -tulpn | egrep "smbd|nmbd|winbind" |
||
The following is a snippet of an example output: |
The following is a snippet of an example output: |
||
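Review bot: the new filter line `egrep "smbd|nmbd|winbind"` uses the obsolescent `egrep` spelling, and `grep -E "smbd|nmbd|winbind"` is the portable form. The pattern is also unanchored, so it matches the three names anywhere in a netstat line rather than only in the PID/program column; worth saying so in the text or tightening the expression.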
Line 17: | Line 17: | ||
tcp 0 0 127.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd |
tcp 0 0 127.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd |
||
tcp 0 0 10.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd |
tcp 0 0 10.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd |
||
tcp 0 0 10.0.0.1:88 0.0.0.0:* LISTEN 43273/samba |
|||
tcp 0 0 127.0.0.1:88 0.0.0.0:* LISTEN 43273/samba |
|||
tcp 0 0 127.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd |
tcp 0 0 127.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd |
||
tcp 0 0 10.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd |
tcp 0 0 10.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd |
||
..... |
..... |
||
The above example shows, that the services are listening on localhost (127.0.0.1) and the interface with IP 10.0.0.1 - each on the listed ports (139 |
The above example shows, that the services are listening on localhost (127.0.0.1) and the interface with IP 10.0.0.1 - each on the listed ports (139, 445,...). |
||
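Review bot: the sample output kept in this hunk shows only TCP sockets owned by smbd, although the command asks for UDP as well (`-u`) and the filter also selects nmbd and winbind. Showing one UDP line instead of hiding everything behind "....." would make it visible that firewall rules have to cover both protocols. Dropping the two port 88 lines is consistent with the command, since their owning process is named samba and the new filter would not match it.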
Revision as of 17:16, 25 August 2015
Introduction
If you need to secure your Samba installation with a firewall, you need to know which ports and protocols are used. This page gives you an overview.
Identify on which ports and interfaces Samba is listening
You can use "netstat" to identify which ports Samba and related daemons are listening on and on which IPs:
# netstat -tulpn | egrep "smbd|nmbd|winbind"
The following is a snippet of an example output:
tcp 0 0 127.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd
tcp 0 0 10.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd
tcp 0 0 127.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd
tcp 0 0 10.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd
.....
The example above shows that the services are listening on localhost (127.0.0.1) and on the interface with IP 10.0.0.1, each on the listed ports (139, 445, ...).
Port usage when Samba runs as an NT4 Primary Domain Controller
Service | Port | Protocol |
---|---|---|
End Point Mapper (DCE/RPC Locator Service) | 135 | tcp |
NetBIOS Name Service | 137 | udp |
NetBIOS Datagram | 138 | udp |
NetBIOS Session | 139 | tcp |
SMB over TCP | 445 | tcp |
Prevent Samba from listening on all interfaces
Sometimes you don't want Samba to listen on all interfaces of your host. For example, when the host is directly connected to the internet, you surely don't want to provide your shares to the rest of the world. If you limit Samba to listen only on the internal NIC(s), you don't need a firewall to prevent access from the outside.
Add the following to the "[global]" section of your smb.conf to bind Samba to eth0 and loopback:
bind interfaces only = yes
interfaces = lo eth0
The "interfaces" parameter accepts several forms for restricting the interfaces Samba binds to. See the smb.conf manpage for more details.
After the changes, restart Samba.
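To check the result after the restart, the following added example (not part of the original wiki page) reads `netstat -tulpn` output and reports Samba sockets that use a port outside the NT4 PDC table above or are bound to an address you did not intend. The function name `audit_listeners`, the `ALLOWED_ADDRS` variable, the script name in the comments and the sample lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the Samba wiki): audit Samba listeners.
# ALLOWED_ADDRS is an assumption: list the addresses Samba may bind to.
ALLOWED_ADDRS="${ALLOWED_ADDRS:-127.0.0.1 10.0.0.1}"

# Constructed sample of `netstat -tulpn` lines (not real output).
SAMPLE='tcp 0 0 127.0.0.1:139 0.0.0.0:* LISTEN 43270/smbd
tcp 0 0 10.0.0.1:445 0.0.0.0:* LISTEN 43270/smbd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 43270/smbd
udp 0 0 10.0.0.1:137 0.0.0.0:* 43268/nmbd
tcp 0 0 10.0.0.1:22 0.0.0.0:* LISTEN 900/sshd
tcp 0 0 10.0.0.1:8080 0.0.0.0:* LISTEN 43270/smbd'

# Reads netstat -tulpn lines on stdin, prints one finding per problem socket.
audit_listeners() {
    awk -v allowed="$ALLOWED_ADDRS" '
    BEGIN {
        # Port table from this page, as proto/port pairs for an NT4 PDC.
        n = split("tcp/135 udp/137 udp/138 tcp/139 tcp/445", p, " ")
        for (i = 1; i <= n; i++) expected[p[i]] = 1
        m = split(allowed, a, " ")
        for (i = 1; i <= m; i++) ok_addr[a[i]] = 1
    }
    # Only sockets owned by Samba daemons; PID/program is the last column.
    $NF ~ /\/(smbd|nmbd|winbindd?)$/ {
        proto = $1; sub(/6$/, "", proto)        # tcp6/udp6 -> tcp/udp
        port = $4; sub(/^.*:/, "", port)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)     # text before the last colon
        if (!((proto "/" port) in expected))
            printf "UNEXPECTED_PORT %s/%s %s\n", proto, port, $NF
        # Wildcards such as 0.0.0.0 or :: are reported unless listed as allowed.
        if (!(addr in ok_addr))
            printf "UNEXPECTED_ADDR %s %s/%s %s\n", addr, proto, port, $NF
    }'
}

# Demo on the constructed sample:  sh audit.sh --demo   (hypothetical file name)
# Live use, as root:               netstat -tulpn | audit_listeners
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE" | audit_listeners
fi
```

An empty result means every Samba socket seen is on a port from the table and on an address in `ALLOWED_ADDRS`.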