The open source community, Catalyst, and CERT NZ worked together to develop a significant update for Samba that increases security. Like Microsoft Active Directory, Samba is an open source software package that serves as an active directory domain controller. The Samba project is a member of the Software Freedom Conservancy, and Samba is Free Software covered by the GNU General Public License. Samba has been offering safe, dependable, and quick file and print services since 1992 for all clients implementing the SMB/CIFS protocol, including all DOS and Windows versions, OS/2, Linux, and many more.
To seamlessly integrate Linux/Unix servers and desktops into Active Directory systems, the software is a crucial element. It can perform the duties of an ordinary domain member or a domain controller. A Samba upgrade developed in collaboration between CERT NZ and New Zealand’s Catalyst will help users everywhere. The potential to help secure Samba was viewed by the organisation as being advantageous to both CERT NZ and others, according to Pieter Meirsman, team head of systems and security at CERT NZ.
“The organisation is proud to support Catalyst making this software more secure for users, which enables its use as a free alternative for Windows active directory (AD),” he says.
According to CERT NZ, it funded the Catalyst team’s efforts to enhance the Heimdal snapshot. Since Samba 4.0, a snapshot of the Heimdal Kerberos implementation has been incorporated. The update includes crucial new security features like FAST, or Kerberos request armouring. Using a wrapper created with a stronger password, this tunnels ticket requests and answers that may be encrypted with a weak password. Additionally, work was done to enhance the plugin interface.
According to CERT NZ, the new upgrade makes Samba more compatible with Windows 2012 and makes it simpler to update the system. The impact of the CERT NZ grant extends beyond the open source community because Catalyst’s team collaborates closely with Microsoft. Don Christie, managing director of Catalyst IT, claims that the company’s excellent Samba AD team has been concentrating on security issues for many years.
