How can I keep Samba, file sharing, out of my computer?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read this

How can I keep Samba, file sharing, out of my computer?

Postby NewsAndHistory on Sat Sep 24, 2011 11:49 am

I keep getting a firewall hit from an IP Address192.168.1.4 on port 137. Protocol is UDP. Source is something called Samba.I looked up Samba and it has something to do with file sharing of windows documents. I don't share files and I'm not on a wireless network for people to be hacking into my computer. What is the deal with this and how do I keep it out of my computer? I keep getting hits from it.

I'm a newbie. Please keep responses simple, easy-to-follow instructions appreciated.
NewsAndHistory
Level 1
Level 1
 
Posts: 31
Joined: Mon Sep 29, 2008 10:21 am

Linux Mint is funded by ads and donations.
 

Re: How can I keep Samba, file sharing, out of my computer?

Postby xenopeek on Sat Sep 24, 2011 12:05 pm

Are you using Linux Mint 11? Or something else...

In case you are using the Linux Mint 11. Open a terminal, and run the following commands to stop Samba:
Code: Select all
sudo stop nmbd
echo manual | sudo tee -a /etc/init/nmbd.override

sudo stop smbd
echo manual | sudo tee -a /etc/init/smbd.override

The first command in each group disables it directly, the second command in each group disables it for future reboots. You will have to enter your password, note that the cursor won't move and characters won't appear as you type.

Another service you might want to stop is Avahi / Zeroconf. This is for easily finding other computers on your network, and to connect to Apple fileshares. If you don't use either of those, disable with:
Code: Select all
sudo stop avahi-daemon
echo manual | sudo tee -a /etc/init/avahi-daemon.override

Last but certainly not least, make sure you have enabled the firewall! This would block all traffic regardless of the services running or not (you would have to specifically allow a service to receive traffic, else the firewall will block all incoming connects). Go to Menu -> Control Center -> Firewall Configuration and make sure "Enabled" is checked.

After reboot confirm your firewall is active, by running:
Code: Select all
sudo ufw status verbose

This should reply as follows, make sure the red parts match:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

Now check with:
Code: Select all
sudo ufw show listening

Which services are still listening and allowed to receive traffic. For me this says:
tcp:
udp:
123 192.168.1.33 (ntpd)
123 * (ntpd)
68 * (dhclient)

You need the dhclient to get an IP address from your broadband modem or router, and the ntpd I have running for my machine to synchronize the clock with internet servers.

Finally, you can do a ports probe from https://www.grc.com/x/ne.dll?bh0bkyd2, and see if any ports remain open to the internet that shouldn't.

Usually the firewall in your broadband modem also blocks all incoming traffic, so you would have been quite safe to computers outside your own network. Defense in depth is better however (having redundant defenses, like also running a firewall on your machine, and also disabling any services you don't need).
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14987
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: How can I keep Samba, file sharing, out of my computer?

Postby NewsAndHistory on Sat Sep 24, 2011 1:25 pm

Thank you very much! Yes, I have a firewall, but can you recommend one? I don't know what's best for Linux systems.

Very best.
NewsAndHistory
Level 1
Level 1
 
Posts: 31
Joined: Mon Sep 29, 2008 10:21 am

Re: How can I keep Samba, file sharing, out of my computer?

Postby xenopeek on Sat Sep 24, 2011 1:32 pm

The one you have is good :D It is just a front-end to iptables, which controls the actual firewall that is built into the Linux kernel.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14987
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: How can I keep Samba, file sharing, out of my computer?

Postby MacLindroid on Wed Jun 11, 2014 10:38 am

When using Shields Up, it reports my Huawei E3131 USB HSDPA dongle which is a router, not my computer.
Last edited by xenopeek on Wed Jun 11, 2014 11:05 am, edited 1 time in total.
Reason: Locked for necro-bumping. Make a new topic if you need support, don't post questions on topics years old.
I will only beaten when I admit defeat but Eye Kant Spal Kwit
MacLindroid
Level 3
Level 3
 
Posts: 126
Joined: Sat Apr 26, 2014 10:16 am


Return to Newbie Questions

Who is online

Users browsing this forum: Bing [Bot], gingertom5005, Google [Bot], Hecubus, JDSeverus and 23 guests