Results 1 to 3 of 3

Thread: Samba user tracer

  1. #1
    Join Date
    May 2005

    Samba user tracer

    I have a ubuntu samba server on my network and almost 70% of the office employee uses it everyday. It is not secured (free public shares) and anyone on my network can access it. As the office is expanding i need to secure it.

    Is it possible to trace the user's history? Something like i can view the file he dumped, copied, or deleted. From what computer he logged in to use the file sharing server.

    .sig na ture.

  2. #2
    Junior Member
    Join Date
    Apr 2004
    United States
    Check out the logs in /var/log/samba/

    Typically you can see from what IP a user logged in from, and what shares they have requested. However I'm not sure if even increasing the logging level would get you individual file access. You could always set something like "log level = 10" in the "[global]" section of your samba config file, and see if it records your needed information, then start lowering it to see what the lowest log level you can have while still getting your needed information.

    You also may may want to look at the command "smbstatus" which would tell tell you what shares are currently being accessed etc...

    As a last resort you could try doing something like these guys and edit samba's source code to add your own logging lines. This just becomes a larger pain having to then manually patch, and compile your samba code with every security issue that is found but if you've got the man power then it is certainly an option.

    Samba has a ton of useful documentation out there. Here are two helpful resources if you need more configuration help with samba.

  3. #3
    Join Date
    May 2005
    Thanks. I look into it. Thank you sir.
    .sig na ture.

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  3. Basic IRC use and administration
    By MicroBurn in forum Other Tutorials Forum
    Replies: 1
    Last Post: March 2nd, 2005, 04:31 PM
  4. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 08:47 PM
  5. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 08:38 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts