How To Make Samba Server Secure?
I am started using samba server in my laptop. But security is a concern. I have allready enabled firewall for linux named iptables and Fedora specific name firewalld with the following command.
$ sudo systemctl start firewalld
$ sudo systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Sun 2015-02-01 08:40:45 EET; 3 days ago
Main PID: 9957 (firewalld)
└─9957 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
But more hardening make is more secure and search for samba security with simple step. Here is what I found. Samba has option to restrict listening interfaces and connection network or ip range. Here the samba server is listening only vms interfaces named virbr0 and lo. After that permit only connnections from vms.
$ sudo vim /etc/samba/smb.conf
interfaces = lo virbr0
hosts allow = 127. 192.168.122.