Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

File server security and authorized users

Status
Not open for further replies.
GoldenEternity

GoldenEternity

Technical User
May 4, 2001
159
US
Anyone looked at how to protect your file servers against unauthorized changes by an authorized user, etc.?

This particular case is an engineering firm with a Samba fileserver... Because of the type of work, free access to most of the data on the server is generally required.

Any recommendations beyond normal user/group restrictions?

Oddly enough, I'm actually finding that NTFS seems better suited to this environment, given the ability to set access rules for more than one user/group for a given file/directory. It wouldn't be practical to make that change right now, though.

Thanks for any suggestions/comments/sympathies.
 
Sort by date Sort by votes
If you enable successful logging on the server...you can implement a process where you check the log for unauthorised access to specific folders...

Another way is to create a honeypot, ie a folder called financials (for example, or use something more provocative), and enable logging on it, then check which user accesses it.
 
Upvote 0 Downvote
HI.

The most important protection is your backup program.
Make sure you have both daily and periodic backups (weekly, monthly, etc...).

In addition, you can have an online backup of the files to a large hard disk on a workstation, with programs like:

ROBOCOPY from NT/2000 resource kit
MM part of NUTS from my site (signature)
and many other similar utilities

Of course, you should also set the required permissions and other methods to secure the data, but again, your backups are the major protection against data loss and corruption.

Designing a loggical data folders structure is also a good practice that will help you manage the server.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
"Oddly enough, I'm actually finding that NTFS seems better suited to this environment, given the ability to set access rules for more than one user/group for a given file/directory" -->

You can specify read or write access on a per user or group basis in Samba.

[pubshare]
path = /public
guest ok = no
writeable = yes
read list = bob kim kelly
write list = chris jessica

If you want to specify Linux groups instead of users, then put a @ in front of the name...

write list = @engineers


ChrisP ---------------------------------------
If someone's post was helpful to you, please click the box "Click here to mark this post as a helpful or expert post".
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
696
Sameer258
Sameer258
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
732
Shmid
Shmid
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
526
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
460
Nitta84
Nitta84
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
122
gbayi_omo
gbayi_omo

Part and Inventory Search

Sponsor

Back
Top