有patch未
NAS 啲 vendor 升級密唔密
用緊西部數碼
NAS 啲 vendor 升級密唔密
用緊西部數碼
你部NAS係真IP定響firewall後面?firewall有無Samba port forwarding?
如果響firewall 後,firewall有無forwarding應該安全。不過我識有人屋企部NAS駁出街睇相,但無知到係乜protocol。我自己部router行Linux但一年以上無得update,不過我Samba無開到。
NAS 啲 vendor 升級密唔密
用緊西部數碼
你部NAS係真IP定響firewall後面?firewall有無Samba port forwarding?
如果響firewall 後,firewall有無forwarding應該安全。不過我識有人屋企部NAS駁出街睇相,但無知到係乜protocol。我自己部router行Linux但一年以上無得update,不過我Samba無開到。
behind firewall, through NAT i think. not sure what ports they use, but i occasionally use the included app to access files there. I probably have uPNP turned on on the router
Mitigation:
Any of the following:
1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit
2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.
3. Add the parameter:
nt pipe support = no
to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.
Mitigation:
Any of the following:
1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit
2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.
3. Add the parameter:
nt pipe support = no
to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.
即係 sambacry 係 windows client 導致 ?
Mitigation:
Any of the following:
1. SELinux is enabled by default and our default policy prevents loading of modules from outside
of samba's module directories and therefore blocks the exploit
2. Mount the filessytem which is used by samba for its writeable share, using "noexec" option.
3. Add the parameter:
nt pipe support = no
to the [global] section of your smb.conf and restart smbd. This prevents clients from accessing
any named pipe endpoints. Note this can disable some expected functionality for Windows clients.
即係 sambacry 係 windows client 導致 ?
......
唔識英文定唔知咩係SMB
NAS 啲 vendor 升級密唔密
用緊西部數碼
你部NAS係真IP定響firewall後面?firewall有無Samba port forwarding?
如果響firewall 後,firewall有無forwarding應該安全。不過我識有人屋企部NAS駁出街睇相,但無知到係乜protocol。我自己部router行Linux但一年以上無得update,不過我Samba無開到。
behind firewall, through NAT i think. not sure what ports they use, but i occasionally use the included app to access files there. I probably have uPNP turned on on the router
Run this test at home behind firewall.
http://www.t1shopper.com/tools/port-scan/
On9問句 mac會唔會有事