#title Securing Samba = Introduction = This article was started to give some general advice on security considerations and is not an exhaustive review of samba security. === /etc/samba/smb.conf === * Networking Section - use "hosts allow" and "hosts deny" {{{ # hosts allow = 127.0.0.1 192.168.1.0/24 hosts allow = 127.0.0.1 192.168.1.1 192.168.1.2 hosts deny = 0.0.0.0/0 }}} hosts deny 0.0.0.0/0 = all others. * Shares * When defining a share, consider the following options : 1. browseable = no ~ Shares will not show up when browsing your network. 1. users = user1 user2 ~ List of users able to access the share When setting up a Samba share, you can limit the users who have access to your share {{{ [private] comment = Private Share path = /path/to/share/point browseable = no read only = no valid users = user1 user2 user3 }}} Now only samba users user1, user2, and user3 will have access to the share "private". === Firewall === Configure your firewall (iptables) to limit access to your server. Samba uses ports * UDP ports 137 and 138 * TCP ports 139 and 445