Six Easy Ways To Secure Samba
Security is a balance between allowing the right people easy access to a resource and preventing unwanted interlopers from getting their hands on information you don’t want them to have. Samba has a long list of configuration options that allow you to fine-tune security to exactly what you need. Here are some of the important options which you can use to make Samba available to valid users and nearly impervious to everyone else.
Passwords
Most security is based on passwords. A user name and password pair is still one of the best ways to authenticate a user, as long as the password remains secret. Keeping it secret has become difficult with the proliferation of network monitoring tools that are both easy to get and easy to use: sniffing a password off the wire is now a relatively trivial task.
Limiting password transmission on the network
Although transparent to the user, there are several ways in which Windows will transmit and receive a password. Up until Windows 2000 Service Pack 3, clear text was one of those options. Basically, the username and password were packaged and transmitted without protection across the network.
The first step is to set the global option Encrypt Passwords (written encrypt passwords = yes in smb.conf) to Yes. This stops Samba from ever accepting clear-text passwords. However, Samba will, by default, still accept the older LAN Manager format for hashed passwords. It is not clear text, but the hash is sufficiently easy to crack by brute force that relying on it is not recommended.
To turn off LAN Manager passwords, add the global option Lanman Auth (lanman auth = no in smb.conf) and set it to No. This will break any clients and servers that are not Windows NT/2000/XP, since those are the only clients capable of using NT's authentication. NT authentication is substantially more difficult to break than a LAN Manager password hash. In fact, there are two versions of NT authentication, but either is sufficiently secure for today's processing capacities. [Continued…] [Robert L. Bogue]
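The two settings above are easy to get wrong across a fleet of servers, so an audit that reads the [global] section and flags the weak or missing values is a useful check. The script below is an added example, not code from the original article or from the Samba project; it assumes plain smb.conf syntax (ini-style sections, '#' or ';' comments, parameter names matched case-insensitively and ignoring embedded spaces, as Samba itself does) and uses two constructed configuration snippets as input rather than anything from a real host.

```python
"""Audit the password-handling options in an smb.conf [global] section.

Checks the two parameters discussed in the article:
  encrypt passwords  -- must be explicitly yes (no clear-text password exchange)
  lanman auth        -- must be explicitly no  (no weak LAN Manager hashes)
A parameter that is not set at all is reported too, because its default has
changed between Samba releases and an audit should not depend on it.
"""
import re

_COMMENT = re.compile(r"^[#;]")
_SECTION = re.compile(r"^\[(.+?)\]$")
_TRUE = {"yes", "true", "1"}
_FALSE = {"no", "false", "0"}


def normalise(name):
    """Samba matches parameter names case-insensitively and ignores whitespace."""
    return re.sub(r"\s+", "", name).lower()


def parse_global(text):
    """Return {normalised_name: raw_value} for parameters in [global] only."""
    params = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or _COMMENT.match(line):
            continue
        m = _SECTION.match(line)
        if m:
            section = m.group(1).strip().lower()
            continue
        # Parameters in share sections (e.g. [homes]) do not affect authentication
        if section != "global" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        params[normalise(key)] = value.strip()
    return params


def as_bool(value):
    """Interpret a Samba boolean; None for anything unrecognised."""
    v = value.strip().lower()
    if v in _TRUE:
        return True
    if v in _FALSE:
        return False
    return None


def audit_smb_conf(text):
    """Return a list of findings (empty list means both settings are hardened)."""
    g = parse_global(text)
    findings = []

    ep = g.get("encryptpasswords")
    if ep is None:
        findings.append("encrypt passwords is not set explicitly; default varies by Samba version")
    elif as_bool(ep) is not True:
        findings.append("encrypt passwords = %s permits clear-text password exchange" % ep)

    la = g.get("lanmanauth")
    if la is None:
        findings.append("lanman auth is not set explicitly; default varies by Samba version")
    elif as_bool(la) is not False:
        findings.append("lanman auth = %s accepts weak LAN Manager password hashes" % la)

    return findings


# Constructed sample configurations for this example (not from a real server).
WEAK_CONF = """
[global]
   workgroup = EXAMPLE
   ; clear-text passwords still allowed, LM hashes accepted
   encrypt passwords = no
   lanman auth = yes

[homes]
   browseable = no
"""

HARDENED_CONF = """
[global]
   workgroup = EXAMPLE
   # parameter names are matched ignoring case and spaces, like Samba does
   Encrypt Passwords = yes
   LanmanAuth = no

[homes]
   browseable = no
   lanman auth = yes   ; ignored: not in [global]
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        result = audit_smb_conf(conf)
        print("%s: %s" % (label, result or "no findings"))
```

Run it against the real file with something like audit_smb_conf(open("/etc/samba/smb.conf").read()); the hardened sample returns no findings, while the weak one reports both parameters.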
