Diffstat (limited to 'docs/htmldocs/introsmb.html')
| -rw-r--r-- | docs/htmldocs/introsmb.html | 659 | 
1 files changed, 0 insertions, 659 deletions
| diff --git a/docs/htmldocs/introsmb.html b/docs/htmldocs/introsmb.html deleted file mode 100644 index 52db6a8a95..0000000000 --- a/docs/htmldocs/introsmb.html +++ /dev/null 
@@ -1,659 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<HTML -><HEAD -><TITLE ->Introduction to Samba</TITLE -><META -NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK -REL="HOME" -TITLE="SAMBA Project Documentation" -HREF="samba-howto-collection.html"><LINK -REL="UP" -TITLE="General installation" -HREF="introduction.html"><LINK -REL="PREVIOUS" -TITLE="General installation" -HREF="introduction.html"><LINK -REL="NEXT" -TITLE="How to Install and Test SAMBA" -HREF="install.html"></HEAD -><BODY -CLASS="CHAPTER" -BGCOLOR="#FFFFFF" -TEXT="#000000" -LINK="#0000FF" -VLINK="#840084" -ALINK="#0000FF" -><DIV -CLASS="NAVHEADER" -><TABLE -SUMMARY="Header navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TH -COLSPAN="3" -ALIGN="center" ->SAMBA Project Documentation</TH -></TR -><TR -><TD -WIDTH="10%" -ALIGN="left" -VALIGN="bottom" -><A -HREF="introduction.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="80%" -ALIGN="center" -VALIGN="bottom" -></TD -><TD -WIDTH="10%" -ALIGN="right" -VALIGN="bottom" -><A -HREF="install.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -></TABLE -><HR -ALIGN="LEFT" -WIDTH="100%"></DIV -><DIV -CLASS="CHAPTER" -><H1 -><A -NAME="INTROSMB" -></A ->Chapter 1. Introduction to Samba</H1 -><DIV -CLASS="TOC" -><DL -><DT -><B ->Table of Contents</B -></DT -><DT ->1.1. <A -HREF="introsmb.html#AEN61" ->Background</A -></DT -><DT ->1.2. <A -HREF="introsmb.html#AEN67" ->Terminology</A -></DT -><DT ->1.3. <A -HREF="introsmb.html#AEN91" ->Related Projects</A -></DT -><DT ->1.4. <A -HREF="introsmb.html#AEN100" ->SMB Methodology</A -></DT -><DT ->1.5. <A -HREF="introsmb.html#AEN115" ->Additional Resources</A -></DT -><DT ->1.6. <A -HREF="introsmb.html#AEN151" ->Epilogue</A -></DT -><DT ->1.7. 
<A -HREF="introsmb.html#AEN162" ->Miscellaneous</A -></DT -></DL -></DIV -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->"If you understand what you're doing, you're not learning anything."  --- Anonymous</I -></SPAN -></P -><P ->Samba is a file and print server for Windows-based clients using TCP/IP as the underlying -transport protocol. In fact, it can support any SMB/CIFS-enabled client. One of Samba's big -strengths is that you can use it to blend your mix of Windows and Linux machines together -without requiring a separate Windows NT/2000/2003 Server.  Samba is actively being developed -by a global team of about 30 active programmers and was originally developed by Andrew Tridgell.</P -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN61" ->1.1. Background</A -></H1 -><P ->Once long ago, there was a buzzword referred to as DCE/RPC. This stood for Distributed -Computing Environment/Remote Procedure Calls and conceptually was a good idea. It was -originally developed by Apollo/HP as NCA 1.0 (Network Computing Architecture) and only -ran over UDP. When there was a need to run it over TCP so that it would be compatible -with DECnet 3.0, it was redesigned, submitted to The Open Group, and officially became -known as DCE/RPC. Microsoft came along and decided, rather than pay $20 per seat to -license this technology, to reimplement DCE/RPC themselves as MSRPC. From this, the -concept continued in the form of SMB (Server Message Block, or the "what") using the -NetBIOS (Network Basic Input/Output System, or the "how") compatibility layer. You can -run SMB (i.e., transport) over several different protocols; many different implementations -arose as a result, including NBIPX (NetBIOS over IPX, NwLnkNb, or NWNBLink) and NBT -(NetBIOS over TCP/IP, or NetBT). 
As the years passed, NBT became the most common form -of implementation until the advance of "Direct-Hosted TCP" -- the Microsoft marketing -term for eliminating NetBIOS entirely and running SMB by itself across TCP port 445 -only. As of yet, direct-hosted TCP has yet to catch on.</P -><P ->Perhaps the best summary of the origins of SMB are voiced in the 1997 article titled, CIFS: -Common Insecurities Fail Scrutiny:</P -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Several megabytes of NT-security archives, random whitepapers, RFCs, the CIFS spec, the Samba -stuff, a few MS knowledge-base articles, strings extracted from binaries, and packet dumps have -been dutifully waded through during the information-gathering stages of this project, and there -are *still* many missing pieces... While often tedious, at least the way has been generously -littered with occurrences of clapping hand to forehead and muttering 'crikey, what are they -thinking?</I -></SPAN -></P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN67" ->1.2. Terminology</A -></H1 -><P -></P -><UL -><LI -><P ->	SMB: Acronym for "Server Message Block". This is Microsoft's file and printer sharing protocol. -	</P -></LI -><LI -><P ->	CIFS: Acronym for "Common Internet File System". Around 1996, Microsoft apparently -	decided that SMB needed the word "Internet" in it, so they changed it to CIFS.   -	</P -></LI -><LI -><P ->	Direct-Hosted: A method of providing file/printer sharing services over port 445/tcp -	only using DNS for name resolution instead of WINS. -	</P -></LI -><LI -><P ->	IPC: Acronym for "Inter-Process Communication". A method to communicate specific -	information between programs. -	</P -></LI -><LI -><P ->	Marshalling: - A method of serializing (i.e., sequential ordering of) variable data -	suitable for transmission via a network connection or storing in a file. The source -	data can be re-created using a similar process called unmarshalling. 
-	</P -></LI -><LI -><P ->	NetBIOS: Acronym for "Network Basic Input/Output System". This is not a protocol; -	it is a method of communication across an existing protocol. This is a standard which -	was originally developed for IBM by Sytek in 1983. To exaggerate the analogy a bit, -	it can help to think of this in comparison your computer's BIOS -- it controls the -	essential functions of your input/output hardware -- whereas NetBIOS controls the -	essential functions of your input/output traffic via the network. Again, this is a bit -	of an exaggeration but it should help that paradigm shift. What is important to realize -	is that NetBIOS is a transport standard, not a protocol. Unfortunately, even technically -	brilliant people tend to interchange NetBIOS with terms like NetBEUI without a second -	thought; this will cause no end (and no doubt) of confusion. -	</P -></LI -><LI -><P ->	NetBEUI: Acronym for the "NetBIOS Extended User Interface". Unlike NetBIOS, NetBEUI -	is a protocol, not a standard. It is also not routable, so traffic on one side of a -	router will be unable to communicate with the other side. Understanding NetBEUI is -	not essential to deciphering SMB; however it helps to point out that it is not the -	same as NetBIOS and to improve your score in trivia at parties. NetBEUI was originally -	referred to by Microsoft as "NBF", or "The Windows NT NetBEUI Frame protocol driver". -	It is not often heard from these days. -	</P -></LI -><LI -><P ->	NBT: Acronym for "NetBIOS over TCP"; also known as "NetBT". Allows the continued use -	of NetBIOS traffic proxied over TCP/IP. As a result, NetBIOS names are made  -	to IP addresses and NetBIOS name types are conceptually equivalent to TCP/IP ports. -	This is how file and printer sharing are accomplished in Windows 95/98/ME. 
They  -	traditionally rely on three ports: NetBIOS Name Service (nbname) via UDP port 137,  -	NetBIOS Datagram Service (nbdatagram) via UDP port 138, and NetBIOS Session Service  -	(nbsession) via TCP port 139. All name resolution is done via WINS, NetBIOS broadcasts,  -	and DNS. NetBIOS over TCP is documented in RFC 1001 (Concepts and methods) and RFC 1002  -	(Detailed specifications). -	</P -></LI -><LI -><P ->	W2K: Acronym for Windows 2000 Professional or Server -	</P -></LI -><LI -><P ->	W3K: Acronym for Windows 2003 Server -	</P -></LI -></UL -><P ->If you plan on getting help, make sure to subscribe to the Samba Mailing List (available at  -http://www.samba.org).  Optionally, you could just search mailing.unix.samba at http://groups.google.com</P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN91" ->1.3. Related Projects</A -></H1 -><P ->Currently, there are two projects that are directly related to Samba: SMBFS and CIFS network -client file systems for Linux, both available in the Linux kernel itself.</P -><P -></P -><UL -><LI -><P ->	SMBFS (Server Message Block File System) allows you to mount SMB shares (the protocol -	that Microsoft Windows and OS/2 Lan Manager use to share files and printers  -	over local networks) and access them just like any other Unix directory. This is useful  -	if you just want to mount such filesystems without being a SMBFS server. -	</P -></LI -><LI -><P ->	CIFS (Common Internet File System) is the successor to SMB, and is actively being worked -	on in the upcoming version of the Linux kernel. The intent of this module is to  -	provide advanced network file system functionality including support for dfs (heirarchical  -	name space), secure per-user session establishment, safe distributed caching (oplock),  -	optional packet signing, Unicode and other internationalization improvements, and optional  -	Winbind (nsswitch) integration. 
-	</P -></LI -></UL -><P ->Again, it's important to note that these are implementations for client filesystems, and have -nothing to do with acting as a file and print server for SMB/CIFS clients.</P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN100" ->1.4. SMB Methodology</A -></H1 -><P ->Traditionally, SMB uses UDP port 137 (NetBIOS name service, or netbios-ns), -UDP port 138 (NetBIOS datagram service, or netbios-dgm), and TCP port 139 (NetBIOS -session service, or netbios-ssn). Anyone looking at their network with a good -packet sniffer will be amazed at the amount of traffic generated by just opening -up a single file. In general, SMB sessions are established in the following order:</P -><P -></P -><UL -><LI -><P ->	"TCP Connection" - establish 3-way handshake (connection) to port 139/tcp -    or 445/tcp. -	</P -></LI -><LI -><P ->	"NetBIOS Session Request" - using the following "Calling Names": The local -    machine's NetBIOS name plus the 16th character 0x00; The server's NetBIOS -    name plus the 16th character 0x20 -	</P -></LI -><LI -><P ->	"SMB Negotiate Protocol" - determine the protocol dialect to use, which will -    be one of the following: PC Network Program 1.0 (Core) - share level security -    mode only; Microsoft Networks 1.03 (Core Plus) - share level security -    mode only; Lanman1.0 (LAN Manager 1.0) - uses Challenge/Response -    Authentication; Lanman2.1 (LAN Manager 2.1) - uses Challenge/Response -    Authentication; NT LM 0.12 (NT LM 0.12) - uses Challenge/Response -    Authentication -	</P -></LI -><LI -><P ->	SMB Session Startup. 
Passwords are encrypted (or not) according to one of -    the following methods: Null (no encryption); Cleartext (no encryption); LM -    and NTLM; NTLM; NTLMv2 -	</P -></LI -><LI -><P ->	SMB Tree Connect: Connect to a share name (e.g., \\servername\share); Connect -    to a service type (e.g., IPC$ named pipe) -	</P -></LI -></UL -><P ->A good way to examine this process in depth is to try out SecurityFriday's SWB program -at http://www.securityfriday.com/ToolDownload/SWB/swb_doc.html.  It allows you to -walk through the establishment of a SMB/CIFS session step by step.</P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN115" ->1.5. Additional Resources</A -></H1 -><P -></P -><UL -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->CIFS: Common Insecurities Fail Scrutiny</I -></SPAN -> by "Hobbit",  -	http://hr.uoregon.edu/davidrl/cifs.txt -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Doing the Samba on Windows</I -></SPAN -> by Financial Review, -	http://afr.com/it/2002/10/01/FFXDF43AP6D.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Implementing CIFS</I -></SPAN -> by Christopher R. 
Hertel, -	http://ubiqx.org/cifs/ -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Just What Is SMB?</I -></SPAN -> by Richard Sharpe, -	http://samba.anu.edu.au/cifs/docs/what-is-smb.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Opening Windows Everywhere</I -></SPAN -> by Mike Warfield, -	http://www.linux-mag.com/1999-05/samba_01.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->SMB HOWTO</I -></SPAN -> by David Wood, -	http://www.tldp.org/HOWTO/SMB-HOWTO.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->SMB/CIFS by The Root</I -></SPAN -> by "ledin", -	http://www.phrack.org/phrack/60/p60-0x0b.txt -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->The Story of Samba</I -></SPAN -> by Christopher R. Hertel, -	http://www.linux-mag.com/1999-09/samba_01.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->The Unofficial Samba HOWTO</I -></SPAN -> by David Lechnyr, -	http://hr.uoregon.edu/davidrl/samba/ -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Understanding the Network Neighborhood</I -></SPAN -> by Christopher R. Hertel, -	http://www.linux-mag.com/2001-05/smb_01.html -	</P -></LI -><LI -><P ->	<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Using Samba as a PDC</I -></SPAN -> by Andrew Bartlett, -	http://www.linux-mag.com/2002-02/samba_01.html -	</P -></LI -></UL -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN151" ->1.6. Epilogue</A -></H1 -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->"What's fundamentally wrong is that nobody ever had any taste when they -did it. Microsoft has been very much into making the user interface look good, -but internally it's just a complete mess. And even people who program for Microsoft -and who have had years of experience, just don't know how it works internally. -Worse, nobody dares change it. 
Nobody dares to fix bugs because it's such a -mess that fixing one bug might just break a hundred programs that depend on -that bug. And Microsoft isn't interested in anyone fixing bugs -- they're interested -in making money. They don't have anybody who takes pride in Windows 95 as an -operating system.</I -></SPAN -></P -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->People inside Microsoft know it's a bad operating system and they still -continue obviously working on it because they want to get the next version out -because they want to have all these new features to sell more copies of the -system.</I -></SPAN -></P -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->The problem with that is that over time, when you have this kind of approach, -and because nobody understands it, because nobody REALLY fixes bugs (other than -when they're really obvious), the end result is really messy. You can't trust -it because under certain circumstances it just spontaneously reboots or just -halts in the middle of something that shouldn't be strange. Normally it works -fine and then once in a blue moon for some completely unknown reason, it's dead, -and nobody knows why. Not Microsoft, not the experienced user and certainly -not the completely clueless user who probably sits there shivering thinking -"What did I do wrong?" when they didn't do anything wrong at all.</I -></SPAN -></P -><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->That's what's really irritating to me."</I -></SPAN -></P -><P ->-- Linus Torvalds, from an interview with BOOT Magazine, Sept 1998 -(http://hr.uoregon.edu/davidrl/boot.txt)</P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN162" ->1.7. Miscellaneous</A -></H1 -><P ->This chapter was lovingly handcrafted on a Dell Latitude C400 laptop running Slackware Linux 9.0, -in case anyone asks.</P -><P ->This chapter is Copyright © 2003 David Lechnyr (david at lechnyr dot com). 
-Permission is granted to copy, distribute and/or modify this document under the terms -of the GNU Free Documentation License, Version 1.2 or any later version published by the Free -Software Foundation. A copy of the license is available at http://www.gnu.org/licenses/fdl.txt.</P -></DIV -></DIV -><DIV -CLASS="NAVFOOTER" -><HR -ALIGN="LEFT" -WIDTH="100%"><TABLE -SUMMARY="Footer navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" -><A -HREF="introduction.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="samba-howto-collection.html" -ACCESSKEY="H" ->Home</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" -><A -HREF="install.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" ->General installation</TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="introduction.html" -ACCESSKEY="U" ->Up</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" ->How to Install and Test SAMBA</TD -></TR -></TABLE -></DIV -></BODY -></HTML ->
\ No newline at end of file | 
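Review bot: dangling navigation is the main risk, at the `LINK REL="PREVIOUS"` / `REL="NEXT"` lines in the removed header and the Prev/Next anchors in the NAVHEADER and NAVFOOTER tables. The page sat in a chain with `introduction.html`, `install.html` and `samba-howto-collection.html`, and this view is limited to the one file, so it cannot be seen here whether those pages are deleted or regenerated alongside it; please confirm nothing left under docs/htmldocs still points at `introsmb.html`. The `GENERATOR` meta tag shows this is DocBook stylesheet output, so the commit message should say whether the generated HTML is being dropped from the tree on purpose and that the source for the chapter is retained, since section 1.7 carries the chapter's own copyright and GFDL notice.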
