[K12OSN] hide network shares
Peter Scheie
peter at scheie.homedns.org
Wed Mar 7 19:23:22 UTC 2007
I haven't done this, but considering Windows shares use port 137-139, I'm pretty sure
you could add a few rules to iptables to block outbound traffic destined for those
ports. That way you don't have to mess with the Windows machines. Anyone who's good
with iptables wanna take a crack at creating such a blocking rule? I'll make what is
probably an incorrect attempt to start the discussion:
iptables -A INPUT -p tcp --dport 137 -j DROP
Add similar rules for ports 138 & 139 (there's a way to specify a range, but I can't
recall the syntax) and your linux box won't be able to 'see' any Windows shares.
Petre
Ray Garza wrote:
> On Wednesday 07 March 2007 12:29, Terrell Prudé Jr. wrote:
>> You can use share permissions or NTFS permissions; either will do the
>> trick. They'll still be able to see that the shares exist, but they
>> won't be able to actually access them. It's much like when you set 700
>> permission on the /root directory in GNU/Linux or *BSD. Regular users
>> can see that /root exists, but they can't do anything with it.
>>
> You mean change the Share permissions on each Staff PC? I could do that but I
> was hoping to to do it at a single point (server) rather than go around to
> each Staff PC and make the changes.
>
> I'll give your suggestion more thought.
>
> Thanks for the input.
>
> Ray
>
>> --TP
>> _______________________________
>> Do you GNU!?
>> Microsoft Free since 2003 <http://www.gnu.org/>--the ultimate antivirus
>> protection!
>>
>> Ray Garza wrote:
>>> Greetings group,
>>>
>>> I'm using K12LTSP 6.0 in a mixed environment (Windows, Linux, K12LTSP)
>>> and I would like to prevent users on the K12LTSP PC's from seeing the
>>> network shares on the staff PC's.
>>>
>>> I've tried to use Sabayon to delete the Networks submenu item under
>>> Places (Gnome) but can't. I cannot even get rid of the Places Menu.
>>>
>>> Any idea's to restrict access to Browsing the network?
>>>
>>> Thanks,
>>>
>>> Ray
>>>
>>> _______________________________________________
>>> K12OSN mailing list
>>> K12OSN at redhat.com
>>> https://www.redhat.com/mailman/listinfo/k12osn
>>> For more info see <http://www.k12os.org>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>
More information about the K12OSN
mailing list