Ten Practical Security Steps
Protect Disk Shares
6. Do not allow any file system sharing protocols such as
NFS, Netbios (SMB or Samba) or AppleShare in from or out to the
Internet.
Firewalls discussed previously are the
prime tool for accomplishing this. In many environments, some of
these services are essential on the LAN and cannot be turned off
but the firewall can and should keep them on your LAN.
If it is essential that you use one or more of these protocols
with remote sites and you don't have dedicated WAN connections,
then you must use Virtual Private Network (VPN) technology. Get
a knowledgeable security expert to set this up. Also be sure
that any and all remote ends use firewall technology with rule
sets comparable to yours. If they don't, then your VPN will
become an intruder's highway right to your drives. All
it does is add a few IP hops between them and you.
Top of Page -
Site Map
Copyright © 2000 - 2014 by George Shaffer. This material may be
distributed only subject to the terms and conditions set forth in
http://GeodSoft.com/terms.htm
(or http://GeodSoft.com/cgi-bin/terms.pl).
These terms are subject to change. Distribution is subject to
the current terms, or at the choice of the distributor, those
in an earlier, digitally signed electronic copy of
http://GeodSoft.com/terms.htm (or cgi-bin/terms.pl) from the
time of the distribution. Distribution of substantively modified
versions of GeodSoft content is prohibited without the explicit written
permission of George Shaffer. Distribution of the work or derivatives
of the work, in whole or in part, for commercial purposes is prohibited
unless prior written permission is obtained from George Shaffer.
Distribution in accordance with these terms, for unrestricted and
uncompensated public access, non profit, or internal company use is
allowed.
|