on 9/25/2007 4:23 AM Bob Chiodini spake the following:
Good Morning,
I have a Centos 4.5 (x86_64) server running samba to share data with
windows users. We've been going through a security audit and the
following log entries were noted:
[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user bendew doesn't exist. Check your
/etc/passwd and /etc/group files
[2007/09/24 09:37:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
get_domain_user_groups: primary gid of user [nobody] is not a Domain
group !
get_domain_user_groups: You should fix it, NT doesn't like that
[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user nobody doesn't exist. Check your
/etc/passwd and /etc/group files
[2007/09/24 09:37:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
get_domain_user_groups: primary gid of user [mark] is not a Domain group !
get_domain_user_groups: You should fix it, NT doesn't like that
[2007/09/24 09:37:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
get_alias_user_groups: gid of user mark doesn't exist. Check your
/etc/passwd and /etc/group files
I am using tcpwrappers and have blocked the subnets that should not
access my server. The IP of the auditor is within one of the blocked
subnets, but still seems to be getting through. Is samba integrated
with tcpwrappers. ldd smbd does not show a reference to libwrap, should
it?
Bob...
I don't think it is. You set up which subnets samba listens to in its own
config file, but you will still get some log chatter about the ignored addresses.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
