Samba is a popular open-source software suite that provides file and print services to Windows clients. The IPC$ share is a special share that provides a list of shared resources on a Samba server. By default, anyone can connect to the IPC$ share and see the list of shared resources. However, you can restrict access to this share using Samba’s configuration file.
Here’s how to restrict access to the IPC$ share in Samba:
- Edit the Samba configuration file. On most Linux distributions, the file is located at
/etc/samba/smb.conf.sudo vi /etc/samba/smb.conf
- Add the following lines to the
[global]section of the file:[global]
ipc signing = mandatory
This forces clients to sign their requests to the
IPC$share, which can help prevent attackers from eavesdropping on the connection and getting a list of shared resources. - Add the following lines to the
[IPC$]section of the file:[IPC$]
comment = IPC Share
path = /tmp
read only = yes
guest ok = no
This creates a new section for the
IPC$share and sets it to be read-only and not accessible to guests. You can replace/tmpwith any directory that you want to use as the path for theIPC$share. - Save the configuration file and exit.
- Restart the Samba service to apply the changes:
sudo systemctl restart smb
That’s it! Samba should now restrict access to the IPC$ share and prevent clients from getting a list of shared resources without proper authentication.