RE: Tunnelling SMB over SSH or SSL

From: Leonard, Toby (TobyL@netedgesolutions.com)
Date: 11/05/01 

Message-ID: <9DB253314CC8034A8EAFDEDEABE3A0930284FB@iserv.netedgesolutions.com>
From: "Leonard, Toby" <TobyL@netedgesolutions.com>
To: focus-ms@securityfocus.com
Subject: RE: Tunnelling SMB over SSH or SSL
Date: Mon, 5 Nov 2001 09:03:56 -0600

You can always setup IPSec between the two machines. Getting it to work
with a shared secret is pretty easy. If you want to use self-signed
certificates you have to jump through some extra hoops, because 2000
requires certain extensions to be in the cert before it will use it for
IPSec. I'd have to check my home machine's configuration to tell you
exactly which ones, but I've got a conf file for openssl that adds them
for you.

Might also want to check the OpenBSD IPSec FAQ:
http://www.openbsd.org/faq/faq13.html

                                        Toby 

--
Toby Leonard  |  tobyl@netedgesolutions.com

> -----Original Message-----
> From: Franklin DeMatto [mailto:franklin.lists@qDefense.com]
> Sent: Sunday, 04 November, 2001 0940
> To: focus-ms@securityfocus.com
> Subject: Tunnelling SMB over SSH or SSL
> 
> 
> It is it possible to get Windows 2000 to tunnel SMB over SSH or 
> SSL?  Windows 2000 supports SMB directly over TCP, without 
> NetBIOS or UDP.
> 
> Can anyone recommend another solution to have encrypted, secure file 
> sharing between Windows machines and UNIX (specifically OpenBSD)?
> 
> 
> 
> 
> 
> Franklin DeMatto
> Senior  Analyst, qDefense Penetration Testing
> http://qDefense.com
> qDefense: Making Security Accessible
>

Relevant Pages