[GLLUG] Samba security was Re: GLLUG Digest, Vol 239, Issue 3

nickmount91 nickmount91 at protonmail.com
Thu May 9 21:50:26 UTC 2019

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, 6 May 2019 23:43, James Roberts <j.roberts at stabilys.com> wrote:

> Hi again.
> > > > And there are the security problems using Samba.
> > >
> > > Curious what those would be?
> >
> > ETERNALBLUE for one. Passing stuff in cleartext for another. There are various other documented exploits.
> ETERNALBLUE is an SMB exploit not Samba, and patched in Samba in 2017.
SMB is underneath Samba, will always be a weakness and a source for exploiting. I do not want to check all users have up to date systems before allowing them to access the network.

> I'm not aware of any current documented exploits for Samba that are
> unpatched -- but then I wouldn't be would I?
> I wouldn't worry about any of them anyway on a secured and continuously
> updated network. Nothing protects against 0-day, but the laws of random
> are on our side as to being the first infected. I hope.
> In your case it's moot anyway, Jetdirect=/= SMB
> Couldn't you just get a more modern printer? Jetdirect was developed in
> 1991, it's always been a PITA and I'm glad to see the backside of it...

It works and is secure. I just need it to work using wifi.
> It's nice to re-use stuff but I've given in, at 68 my time is limited :)

Apparently my OS reuses stuff from 1970 :)

> Wifi printers are available for less than the cost of an ink set
> replacement...

The printer was very cheap, in good condition and has nearly full HP toners. The JetDirect was part of several I bought cheaply a while ago too, along with several switches, firewalls and Sun Rays. My Thinkpad isn't the latest model but works fine for what I need.

> Cheers. Best of luck with it...
> MeJ

I have nearly figured it out.


> Stabilys Ltd www.stabilys.com
> 244 Kilburn Lane
> W10 4BA
> 0845 838 5370

More information about the GLLUG mailing list