Ausat, posted 20 August 2004

When I have ZoneAlarm on, I can't browse my Linux box via Samba, but when I turn ZoneAlarm off it works fine. Does anyone know which program (or whatever) I need to change the settings for in ZoneAlarm to fix this?
sofTest, posted 21 August 2004

A quick Google search turned up this:

To all: I have been fighting with a problem for quite some time using Samba, a Firewall, and Win2K boxes. I finally found an answer to the problem and I hope I can make some people's lives a little easier by telling everyone about it.

Problem: Trusted Network computers wish to talk to our webserver which is located in our DMZ through the use of SAMBA. Appropriate firewall rules were created that allow only certain IPs to communicate with this one IP in the DMZ using traditional SMB ports (137-139). SAMBA was configured for these people and everything else was set up appropriately. All users could communicate fine with OS of Win95, Win98, Win NT, Linux, Mac, and other *nixes. Win2K would not talk to the Samba box at all.

Analysis: After viewing the Firewall logs, it was noticed that when Win2K attempts to establish a netbios session it sends out both a port 139 request and a port 445 request. Port 445 is Microsoft's new implementation of "NetBios-less" SMB traffic (or Direct hosted). Win2K will communicate using either of these methods depending upon which one produces a return first. (Q204279, www.microsoft.com) The port 139 request travelled through the firewall to the DMZ, established a connection with the SAMBA server, and responded to the request. The port 445 request travelled to the Firewall, failed any pass thru rules, and was rejected as a Connection Refused message. The refused connection always took less time to send than the pass thru of the 139 to the SAMBA box. Since the connection refused message was sent back to the host first, Win2K elected to go into the Direct-Hosting mode and disregarded the port 139 traffic; thereby, creating a block of all SMB traffic between the Win2K box and the SAMBA server.

Solution: Create a firewall rule for port 445 that makes it look like a stealth port to outgoing traffic. That way NOTHING is ever broadcast back to the client when using port 445. With this configuration port 139 wins the election because it has enough time to be sent back to the host computer and establish the SMB connection.
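The firewall-log pattern the quoted post describes (a rejected port 445 attempt next to an accepted port 139 attempt from the same client), as an added example that is not part of the thread: a Python script that finds the affected client/server pairs. The key=value log format, the addresses, the function names and the 2-second pairing window are all assumptions made for illustration.

```python
import re
from datetime import datetime

# Constructed sample in an assumed key=value log format (not from the thread).
SAMPLE_LOG = """\
2004-08-21T10:00:00.010 src=10.0.0.5 dst=192.168.1.10 dport=445 action=REJECT
2004-08-21T10:00:00.012 src=10.0.0.5 dst=192.168.1.10 dport=139 action=ACCEPT
2004-08-21T10:00:03.500 src=10.0.0.6 dst=192.168.1.10 dport=139 action=ACCEPT
2004-08-21T10:00:07.100 src=10.0.0.7 dst=192.168.1.10 dport=445 action=DROP
2004-08-21T10:00:07.101 src=10.0.0.7 dst=192.168.1.10 dport=139 action=ACCEPT
2004-08-21T10:05:00.000 src=10.0.0.8 dst=192.168.1.10 dport=445 action=REJECT
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)

def parse(lines):
    """Yield (timestamp, src, dst, dport, action) for well-formed lines."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or malformed lines
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%f")
        yield ts, m["src"], m["dst"], int(m["dport"]), m["action"].upper()

def find_port445_races(lines, window_s=2.0):
    """Return sorted (src, dst) pairs where a 445 REJECT and a 139 ACCEPT
    were logged within window_s seconds of each other."""
    rejects, accepts = {}, {}
    for ts, src, dst, dport, action in parse(lines):
        if dport == 445 and action == "REJECT":
            rejects.setdefault((src, dst), []).append(ts)
        elif dport == 139 and action == "ACCEPT":
            accepts.setdefault((src, dst), []).append(ts)
    flagged = set()
    for pair, reject_times in rejects.items():
        for r in reject_times:
            # A refusal on 445 close in time to a passed 139 attempt is the
            # situation in which the post says the client abandons port 139.
            if any(abs((a - r).total_seconds()) <= window_s
                   for a in accepts.get(pair, [])):
                flagged.add(pair)
    return sorted(flagged)

if __name__ == "__main__":
    for src, dst in find_port445_races(SAMPLE_LOG.splitlines()):
        print(f"{src} -> {dst}: 445 rejected while 139 was accepted")
```

In the constructed sample only 10.0.0.5 is reported: 10.0.0.7 has its port 445 attempt silently dropped, which is the configuration the post recommends, and 10.0.0.8 never attempted port 139.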