CIFS Accounts on Printers

Harris Estep · ‎02-02-2010

I have been informed that I need to remove or disable unncessary CIFS accounts to remove a possible security vulnerability. Using the web interface and JetAdmin, I can see no reference to CIFS. Can you tell me where the CIFS accounts would be configured, added, deleted, disabled?

Robert Salter · ‎02-02-2010

You mean CIFS as in CIFS/9000?

Try doing "cifslist" to see what is mounted and by who.

Do a man on cifslogin or cifslogout to see how to logout of the CIFS mount and then just do a umount of the file system.

To disable any future mounts, comment out the entry in /etc/fstab.

Beers,

robert

Time to smoke and joke

Bill Hassell · ‎02-02-2010

CIFS is another name for SAMBA which is software that can link to Windows-based shares. The information you have is inadequate since CIFS can be a client or a server or both, so the term "account" is not meaningful, especially for a printer.

If you are directed to shutdown CIFS/SAMBA, then you can do so with the start/stop scripts and changing the /etc/rc.config.d configuration files. I would ask for clarification.

Bill Hassell, sysadmin

Viktor Balogh · ‎02-03-2010

Hi Harris,

cifslist can be used on the client side for listing the CIFS shares mounted. However, I think your HP-UX server is rather used as a CIFS server, at least that's a more common way.

Take a look here, that's a list of CIFS (~samba) config files:

http://viktorbalogh.net/blog/hp-ux/hp-ux_sysadm/samba-locations

The users are authenticated against the smbpasswd file. The unwanted users should be eliminated from this file.

/var/opt/samba/private/smbpasswd

****
Unix operates with beer.

Rita C Workman · ‎02-03-2010

Harris,

CIFS or SAMBA shares. On HPUX you want to look into the /etc/opt/samba/smb.conf file on the server and check the entries for the shares.

Now here's a caveat. Don't know what you're dealing with, but I have gotten this when mgmt brings in the latest security consultants and they 'ding' me on these shares. So, my advise, since you obviously inherited these shares -

! ! Check out what each share is doing BEFORE you remove it. Otherwise you may find you remove something that someone or some appl is using and it will be you they scream at when it stops and messes up production ! !

CIFS/SAMBA shares can create a security hole, but if you configure each share locked down properly ou can keep it reasonably secure.
And for those pesky consultants, I'm amazed at how they find these nothing (like I didn't know) shares, and miss the really big holes in security around here.
.....that we guard....

Kindest regards,
Rita

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

CIFS Accounts on Printers

CIFS Accounts on Printers

Re: CIFS Accounts on Printers

Re: CIFS Accounts on Printers

Re: CIFS Accounts on Printers

Re: CIFS Accounts on Printers