I have four computers on a LAN with private IP addresses (e.g.192.168.1.*), and a router on the LAN which provides access to the Internet.
I have considered setting up a password-free file share on one of the machines and then setting up the machine's firewall so that it only allows file-sharing to computers within the same network.
How safe is this? The machine in question is running Windows XP Pro SP2, and has ALL of the latest Windows updates.
In theory, any requests coming from outside the network should be ignored because of the firewall, but I've seen a video on the web of people exploiting Samba and gaining full access.
Is it advisable to have a password-free Samba share like this even if my firewall blocks WAN requests?
Another thing, if you have a password on your Samba share, is there any way of putting in a time delay between password requests? I've seen people crack Samba using a "dictionary attack", but such an attack would not be possible if there was a delay of about ten seconds between password requests.
One thing I've been wondering about... I've used Linux before to connect to Samba shares, and I've always just supplied an IP address, not an IP address and a port number. Therefore I've been wondering how you could possibly connect to a Samba share on a VPN from outside because the only public IP address is the WAN port on the router.