From 3878085eca35d5c3b08761f61281de0b1b49ce2d Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 1 Jul 2003 22:58:52 +0000 Subject: regenerate docs (This used to be commit cc02d3bc170fe5c8c4474156edb6c83720a47aa0) --- docs/faq/FAQ-features.html | 67 ++++++++++------------------------------------ 1 file changed, 14 insertions(+), 53 deletions(-) (limited to 'docs/faq/FAQ-features.html') diff --git a/docs/faq/FAQ-features.html b/docs/faq/FAQ-features.html index 9bcd8437b8..75faf8d9bc 100644 --- a/docs/faq/FAQ-features.html +++ b/docs/faq/FAQ-features.html @@ -1,47 +1,8 @@ - -Chapter 6. Features

Chapter 6. Features

How can I prevent my samba server from being used to distribute the Nimda worm?

Author: HASEGAWA Yosuke (translated by TAKAHASHI Motonobu)

-Nimba Worm is infected through shared disks on a network, as well as through -Microsoft IIS, Internet Explorer and mailer of Outlook series. -

-At this time, the worm copies itself by the name *.nws and *.eml on -the shared disk, moreover, by the name of Riched20.dll in the folder -where *.doc file is included. -

-To prevent infection through the shared disk offered by Samba, set -up as follows: -

-

-[global]
-  ...
-  # This can break Administration installations of Office2k.
-  # in that case, don't veto the riched20.dll
-  veto files = /*.eml/*.nws/riched20.dll/
-

-

-By setting the "veto files" parameter, matched files on the Samba -server are completely hidden from the clients and making it impossible -to access them at all. -

-In addition to it, the following setting is also pointed out by the -samba-jp:09448 thread: when the -"readme.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}" file exists on -a Samba server, it is visible only as "readme.txt" and dangerous -code may be executed if this file is double-clicked. -

-Setting the following, -

-  veto files = /*.{*}/
-

-any files having CLSID in its file extension will be inaccessible from any -clients. -

-This technical article is created based on the discussion of -samba-jp:09448 and samba-jp:10900 threads. -

How can I use samba as a fax server?

Contributor: Gerhard Zuber

Requirements: +Chapter 5. Features

Chapter 5. Features

How can I use samba as a fax server?

Contributor: Gerhard Zuber

Requirements:

UNIX box (Linux preferred) with SAMBA and a faxmodem
ghostscript package
mgetty+sendfax package
pbm package (portable bitmap tools)

First, install and configure the required packages. Be sure to read the mgetty+sendfax -manual carefully.

Tools for printing faxes

Your incomed faxes are in: -/var/spool/fax/incoming. Print it with:

+manual carefully.

Tools for printing faxes

Your incomed faxes are in: +/var/spool/fax/incoming. Print it with:

 for i in *
 do
 g3cat $i | g3tolj | lpr -P hp
@@ -52,9 +13,9 @@ g3cat is in the tools-section, g3tolj is in the contrib-section
 for printing to HP lasers.
 

If you want to produce files for displaying and printing with Windows, use -some tools from the pbm-package like the following command: g3cat $i | g3topbm - | ppmtopcx - >$i.pcx +some tools from the pbm-package like the following command: g3cat $i | g3topbm - | ppmtopcx - >$i.pcx and view it with your favourite Windows tool (maybe paintbrush) -

Making the fax-server

fetch the file mgetty+sendfax/frontends/winword/faxfilter and place it in /usr/local/etc/mgetty+sendfax/(replace /usr/local/ with whatever place you installed mgetty+sendfax)

prepare your faxspool file as mentioned in this file +

Making the fax-server

fetch the file mgetty+sendfax/frontends/winword/faxfilter and place it in /usr/local/etc/mgetty+sendfax/(replace /usr/local/ with whatever place you installed mgetty+sendfax)

prepare your faxspool file as mentioned in this file edit fax/faxspool.in and reinstall or change the final /usr/local/bin/faxspool too.

@@ -63,7 +24,7 @@ if [ "$user" = "root" -o "$user" = "fax"
 

find the first line and change it to the second.

make sure you have pbmtext (from the pbm-package). This is needed for creating the small header line on each page. -

Prepare your faxheader /usr/local/etc/mgetty+sendfax/faxheader

+

Prepare your faxheader /usr/local/etc/mgetty+sendfax/faxheader

Edit your /etc/printcap file:

 # FAX 
@@ -72,7 +33,7 @@ lp3|fax:\
         :sd=/usr/spool/lp3:\
         :if=/usr/local/etc/mgetty+sendfax/faxfilter:sh:sf:mx#0:\
         :lf=/usr/spool/lp3/fax-log:
-

Now, edit your smb.conf so you have a smb based printer named "fax"

Installing the client drivers

+

Now, edit your smb.conf so you have a smb based printer named "fax"

Installing the client drivers

Now you have a printer called "fax" which can be used via TCP/IP-printing (lpd-system) or via SAMBA (windows printing).

@@ -111,7 +72,7 @@ uses the found number as the fax-destination-number. Now print your fax through the fax-printer and it will be queued for later transmission. Use faxrunq for sending the queue out. -

Example smb.conf

+

Example smb.conf

 [global]
  printcap name = /etc/printcap
  print command = /usr/bin/lpr -r -P %p %s
@@ -127,7 +88,7 @@ queue out.
     create mode = 0700
     browseable = yes
     guest ok = no
-

Samba doesn't work well together with DHCP!

+

Samba doesn't work well together with DHCP!

We wish to help those folks who wish to use the ISC DHCP Server and provide sample configuration settings. Most operating systems today come ship with the ISC DHCP Server. ISC DHCP is available from: @@ -180,14 +141,14 @@ applied to the resulting DHCP offered settings UNLESS the DHCP server also sets a NetBIOS Scope. It may therefore be prudent to forcibly apply a NULL NetBIOS Scope from your DHCP server. The can be done in the dhcpd.conf file with the parameter: -option netbios-scope ""; +option netbios-scope "";

While it is true that the Microsoft DHCP server that comes with Windows NT Server provides only a sub-set of rfc1533 functionality this is hardly an issue in those sites that already have a large investment and commitment to Unix systems and technologies. The current state of the art of the DHCP Server specification in covered in rfc2132. -

How can I assign NetBIOS names to clients with DHCP?

+

How can I assign NetBIOS names to clients with DHCP?

SMB network clients need to be configured so that all standard TCP/IP name to address resolution works correctly. Once this has been achieved the SMB environment provides additional tools and services that act as helper agents in @@ -202,13 +163,13 @@ This can be done, but needs a few NT registry hacks and you need to be able to speak UNICODE, which is of course no problem for a True Wizzard(tm) :) Instructions on how to do this (including a small util for less capable Wizzards) can be found at -

http://www.unixtools.org/~nneul/sw/nt/dhcp-netbios-hostname.html

How do I convert between unix and dos text formats?

+

http://www.unixtools.org/~nneul/sw/nt/dhcp-netbios-hostname.html

How do I convert between unix and dos text formats?

Jim barry has written an excellent drag-and-drop cr/lf converter for windows. Just drag your file onto the icon and it converts the file.

The utilities unix2dos and dos2unix(in the mtools package) should do the job under unix. -

Does samba have wins replication support?

+

Does samba have wins replication support?

At the time of writing there is currently being worked on a wins replication implementation(wrepld). -

+

-- cgit