SMB over the internet

[Speedbird]

Hello.

 

I am running a home server and I have set up SMB shares. I can access them normally if I'm on the same network, but what ports should I forward on my router if I wanted to connect over the internet? Also, how exactly would I connect? Would just typing in the name of the server work or do I need the IP as well? Thank you.

[Alim]

SSH also makes it secure

[Speedbird]

I would use SSH to forward the port in an encrypted tunnel.

SSH -NCvL 445:LAN_IP:445 Public_IP

Then the share at will be accessible at \\127.0.0.1\.

So it's port 445. I don't do SSH, I prefer Telnet with Windows Server. But how would I connect from a remote computer?

[Alim]

So it's port 445. I don't do SSH, I prefer Telnet with Windows Server. But how would I connect from a remote computer?

SSH actually allows you to tunnel sockets. (basically acts like proxy)

[DacStugly]

Hello.

 

I am running a home server and I have set up SMB shares. I can access them normally if I'm on the same network, but what ports should I forward on my router if I wanted to connect over the internet? Also, how exactly would I connect? Would just typing in the name of the server work or do I need the IP as well? Thank you.

 

Assuming you are running a linux server.

 

1. use sshfs to mount directories on your local machine if your running any flavor of linux:

 

sshfs user@remote.ip /user/mnt/directory

 

2. If your a running a windows machine use this guide --> http://igikorn.com/sshfs-windows-8/

 

3. Do not use smb share over the internet it's very very unsecured --> http://thehackernews.com/2015/04/smb-windows-vulnerability.html

 

4. make sure your server root does not have ssh privilege and forward port 22 from your router.

[surtursrevenge]

Never use SMB over the Internet !! Its totaly insecure.

 

You should go for an VPN Solution like OpenVPN or Softehther. This is the way to secure access your local network. Another reason is, that you can add compression to your network traffic. This is necessary, because samba is a LAN optimized protocoll so it needs <1ms resonse time because of many RPC requests.

An normal DSL Internet connection will have 30-40 ms response time. So accessing your data will be a pain. Unless you realy need to access your data via a maped network drive i recomend not using Samba. Instead use something like SCP (ssh) oder FTP with a programm like WinSCP (windows) Cyperduck (Mac) Dolphin/Integrated (Linux) to access your data. These protocolls are wan optimized and you will have much less trouble useing this.

 

-- sorry for my crappy english

[Speedbird]

Never use SMB over the Internet !! Its totaly insecure.

 

You should go for an VPN Solution like OpenVPN or Softehther. This is the way to secure access your local network. Another reason is, that you can add compression to your network traffic. This is necessary, because samba is a LAN optimized protocoll so it needs <1ms resonse time because of many RPC requests.

An normal DSL Internet connection will have 30-40 ms response time. So accessing your data will be a pain. Unless you realy need to access your data via a maped network drive i recomend not using Samba. Instead use something like SCP (ssh) oder FTP with a programm like WinSCP (windows) Cyperduck (Mac) Dolphin/Integrated (Linux) to access your data. These protocolls are wan optimized and you will have much less trouble useing this.

 

-- sorry for my crappy english

First of all, I do not have DSL - it's optical fibre! I get 100 down and up, ping is pretty low too. But I have beeen looking at VPN solutions anyway, because I am having problems forwarding ports. Right now I'm using Hamachi so my friends can play Minecraft on it, but  I'm thinking of replacing it. I've heard that OpenVPN is the most secure VPN protocol, so I will probably use that. Don't know how compatibility with Windows Server is though, so I might have to use SSTP instead.

[surtursrevenge]

First of all, I do not have DSL - it's optical fibre! I get 100 down and up, ping is pretty low too. But I have beeen looking at VPN solutions anyway, because I am having problems forwarding ports. Right now I'm using Hamachi so my friends can play Minecraft on it, but  I'm thinking of replacing it. I've heard that OpenVPN is the most secure VPN protocol, so I will probably use that. Don't know how compatibility with Windows Server is though, so I might have to use SSTP instead.

It doesn't matter if you have optical or DSL internet 100 up/down is fast but you will have propably still arround 10 ms response time. And it is still a wan connection, so its not recomendet using it for lan protocols anyway.

"OpenVPN is the most secure VPN protocol" -> this is NOT true !!

OpenVPN is not an own protocol. It uses OpenSSL for encryption like Microsoft SSTP does too ... (Remeber HeartBleed Bug of SSL !! )

Ofcourse you could use OpenVPN, because there is nearly for any Platform a client.

So you can use ist on windows mac linux iOS android.

Another option for vpn , which configured right is stronger than ssl, is IPSec. IPSec is nearly the VPN standart.

Microsoft and many other use L2TP over IPSec for VPN Tunnel.

You should look for Softether VPN. With this VPN Server you can use the native VPN Clients on Windows, iOS, Android and Mac.

So you don't have to install a a client on any System. With the GUI Tool Softether is extreamly simple to Setup.

 

I personal was using openvpn for many years. But a few month ago i switched to SoftEather and it works realy great !! I realy can highly recomend using this software, because it is much more flexible, faster and easyer to use than openvpn

[Speedbird]

It doesn't matter if you have optical or DSL internet 100 up/down is fast but you will have propably still arround 10 ms response time. And it is still a wan connection, so its not recomendet using it for lan protocols anyway.

"OpenVPN is the most secure VPN protocol" -> this is NOT true !!

OpenVPN is not an own protocol. It uses OpenSSL for encryption like Microsoft SSTP does too ... (Remeber HeartBleed Bug of SSL !! )

Ofcourse you could use OpenVPN, because there is nearly for any Platform a client.

So you can use ist on windows mac linux iOS android.

Another option for vpn , which configured right is stronger than ssl, is IPSec. IPSec is nearly the VPN standart.

Microsoft and many other use L2TP over IPSec for VPN Tunnel.

You should look for Softether VPN. With this VPN Server you can use the native VPN Clients on Windows, iOS, Android and Mac.

So you don't have to install a a client on any System. With the GUI Tool Softether is extreamly simple to Setup.

 

I personal was using openvpn for many years. But a few month ago i switched to SoftEather and it works realy great !! I realy can highly recomend using this software, because it is much more flexible, faster and easyer to use than openvpn

Alright, I'll try Softether. But I'm more interested in OpenVPN. It seems that easy-rsa is kinda broken on Windows.

[surtursrevenge]

Alright, I'll try Softether. But I'm more interested in OpenVPN. It seems that easy-rsa is kinda broken on Windows.

OpenVPN will be finde too !!

I is realy nice ..

But the more Secure, flexible, faster and easy to manage solution is SoftEther.

But most important thing is, that you feel comfortable with your VPN Solution.

There are a lot of VPN Solutions out there and you have to find the best for your self.

 

[r3bify]

Why not just use SFTP?