[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Samba's protocals (was 3 different OS)

To: "David Hodnett" <dwar@earthlink.net>,"Misc@openbsd.org" <Misc@openbsd.org>
Subject: Re: Samba's protocals (was 3 different OS)
From: "Rod... Whitworth" <listener@witworx.com>
Date: Sat, 01 Jun 2002 14:57:24 +1000

On Fri, 31 May 2002 21:13:28 -0700, David Hodnett wrote:

>I never got around to asking this question and I'm hoping I can get 
>a quick yes/no answer.  On the Samba web site, in the 
>"Introduction to Samba" FAQ, they have a section that details their 
>future plans.
>
>Paraphasing slightly, they said that with Microsoft Windows 2000, 
>Microsoft hopes to gradually phase out NetBIOS, and 
>consequently, the Samba team hopes to do so as well (and rely 
>strictly upon TCP/IP).  Obviously, Windows 2000 has been out for 
>years now and that part of the FAQ is outdated.

Well Win-XP does not do NetBIOS and what MS really meant was NetBEUI I
suspect

>
>Question: can the latest version of Samba (version 2.2.1a) 
>packaged for OpenBSD 3.0, deliver full functionality using strictly 
>TCP/IP?

Samba has only ever done TCP/IP but uses it to carry SMB messages.

>
>Reason: I'd really like to avoid installing NetBIOS on any of these 
>machines since I don't have the time to keep up with the security 
>holes in that protocal.

Say what? NetBEUI is an unroutable protocol which is why Samba never
supported it and why MS is killing it.

The protocol used is what MS now calls CIFS (or sometimes NetBT or even
NBT), what IBM called TCPBEUI and is properly described as SMB or
NetBIOS over TCP/IP.

Anywhere I have a Samba server I have the relevant ports firewalled off
because otherwise there is a real risk.

Where I don't have Samba and people are doing NetBIOS shares I firewall
off the ports anyway but make sure that the "netBIOS" binding is
disabled in the TCP/IP properties as well. Damned hard for anyone not
on the LAN to use shares except say already mapped drives.

Perhaps you meant that you don't have time to keep up with the holes in
the Windows side of NetBT ?
Just firewall off the ports. (137, 138, 139 tcp and udp)
Oh and maybe this link may help with NetBIOS/NetBEUI/NBT concepts:-
http://ctdp.tripod.com/independent/networking/cert/netnetbeui.html

HTH
HAND

References:
- Samba's protocals (was 3 different OS)
  - From: "David Hodnett" <dwar@earthlink.net>

Prev by Date: Re: pkg_add displays 'EPSV': command not understand
Next by Date: Re: a good mail server
Prev by thread: Samba's protocals (was 3 different OS)
Next by thread: Re: Samba's protocals (was 3 different OS)
Index(es):
- Date
- Thread