1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML
><HEAD
><TITLE
>Introduction to Samba</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="SAMBA Project Documentation"
HREF="samba-howto-collection.html"><LINK
REL="UP"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="PREVIOUS"
TITLE="General installation"
HREF="introduction.html"><LINK
REL="NEXT"
TITLE="How to Install and Test SAMBA"
HREF="install.html"></HEAD
><BODY
CLASS="CHAPTER"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>SAMBA Project Documentation</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="introduction.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="CHAPTER"
><H1
><A
NAME="INTROSMB"
></A
>Chapter 1. Introduction to Samba</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>1.1. <A
HREF="introsmb.html#AEN61"
>Background</A
></DT
><DT
>1.2. <A
HREF="introsmb.html#AEN67"
>Terminology</A
></DT
><DT
>1.3. <A
HREF="introsmb.html#AEN91"
>Related Projects</A
></DT
><DT
>1.4. <A
HREF="introsmb.html#AEN100"
>SMB Methodology</A
></DT
><DT
>1.5. <A
HREF="introsmb.html#AEN115"
>Additional Resources</A
></DT
><DT
>1.6. <A
HREF="introsmb.html#AEN151"
>Epilogue</A
></DT
><DT
>1.7. <A
HREF="introsmb.html#AEN162"
>Miscellaneous</A
></DT
></DL
></DIV
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>"If you understand what you're doing, you're not learning anything."
-- Anonymous</I
></SPAN
></P
><P
>Samba is a file and print server for Windows-based clients using TCP/IP as the underlying
transport protocol. In fact, it can support any SMB/CIFS-enabled client. One of Samba's big
strengths is that you can use it to blend your mix of Windows and Linux machines together
without requiring a separate Windows NT/2000/2003 Server. Samba is actively being developed
by a global team of about 30 active programmers and was originally developed by Andrew Tridgell.</P
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN61"
>1.1. Background</A
></H1
><P
>Once long ago, there was a buzzword referred to as DCE/RPC. This stood for Distributed
Computing Environment/Remote Procedure Calls and conceptually was a good idea. It was
originally developed by Apollo/HP as NCA 1.0 (Network Computing Architecture) and only
ran over UDP. When there was a need to run it over TCP so that it would be compatible
with DECnet 3.0, it was redesigned, submitted to The Open Group, and officially became
known as DCE/RPC. Microsoft came along and decided, rather than pay $20 per seat to
license this technology, to reimplement DCE/RPC themselves as MSRPC. From this, the
concept continued in the form of SMB (Server Message Block, or the "what") using the
NetBIOS (Network Basic Input/Output System, or the "how") compatibility layer. You can
run SMB (i.e., transport) over several different protocols; many different implementations
arose as a result, including NBIPX (NetBIOS over IPX, NwLnkNb, or NWNBLink) and NBT
(NetBIOS over TCP/IP, or NetBT). As the years passed, NBT became the most common form
of implementation until the advance of "Direct-Hosted TCP" -- the Microsoft marketing
term for eliminating NetBIOS entirely and running SMB by itself across TCP port 445
only. As of yet, direct-hosted TCP has yet to catch on.</P
><P
>Perhaps the best summary of the origins of SMB are voiced in the 1997 article titled, CIFS:
Common Insecurities Fail Scrutiny:</P
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Several megabytes of NT-security archives, random whitepapers, RFCs, the CIFS spec, the Samba
stuff, a few MS knowledge-base articles, strings extracted from binaries, and packet dumps have
been dutifully waded through during the information-gathering stages of this project, and there
are *still* many missing pieces... While often tedious, at least the way has been generously
littered with occurrences of clapping hand to forehead and muttering 'crikey, what are they
thinking?</I
></SPAN
></P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN67"
>1.2. Terminology</A
></H1
><P
></P
><UL
><LI
><P
> SMB: Acronym for "Server Message Block". This is Microsoft's file and printer sharing protocol.
</P
></LI
><LI
><P
> CIFS: Acronym for "Common Internet File System". Around 1996, Microsoft apparently
decided that SMB needed the word "Internet" in it, so they changed it to CIFS.
</P
></LI
><LI
><P
> Direct-Hosted: A method of providing file/printer sharing services over port 445/tcp
only using DNS for name resolution instead of WINS.
</P
></LI
><LI
><P
> IPC: Acronym for "Inter-Process Communication". A method to communicate specific
information between programs.
</P
></LI
><LI
><P
> Marshalling: - A method of serializing (i.e., sequential ordering of) variable data
suitable for transmission via a network connection or storing in a file. The source
data can be re-created using a similar process called unmarshalling.
</P
></LI
><LI
><P
> NetBIOS: Acronym for "Network Basic Input/Output System". This is not a protocol;
it is a method of communication across an existing protocol. This is a standard which
was originally developed for IBM by Sytek in 1983. To exaggerate the analogy a bit,
it can help to think of this in comparison your computer's BIOS -- it controls the
essential functions of your input/output hardware -- whereas NetBIOS controls the
essential functions of your input/output traffic via the network. Again, this is a bit
of an exaggeration but it should help that paradigm shift. What is important to realize
is that NetBIOS is a transport standard, not a protocol. Unfortunately, even technically
brilliant people tend to interchange NetBIOS with terms like NetBEUI without a second
thought; this will cause no end (and no doubt) of confusion.
</P
></LI
><LI
><P
> NetBEUI: Acronym for the "NetBIOS Extended User Interface". Unlike NetBIOS, NetBEUI
is a protocol, not a standard. It is also not routable, so traffic on one side of a
router will be unable to communicate with the other side. Understanding NetBEUI is
not essential to deciphering SMB; however it helps to point out that it is not the
same as NetBIOS and to improve your score in trivia at parties. NetBEUI was originally
referred to by Microsoft as "NBF", or "The Windows NT NetBEUI Frame protocol driver".
It is not often heard from these days.
</P
></LI
><LI
><P
> NBT: Acronym for "NetBIOS over TCP"; also known as "NetBT". Allows the continued use
of NetBIOS traffic proxied over TCP/IP. As a result, NetBIOS names are made
to IP addresses and NetBIOS name types are conceptually equivalent to TCP/IP ports.
This is how file and printer sharing are accomplished in Windows 95/98/ME. They
traditionally rely on three ports: NetBIOS Name Service (nbname) via UDP port 137,
NetBIOS Datagram Service (nbdatagram) via UDP port 138, and NetBIOS Session Service
(nbsession) via TCP port 139. All name resolution is done via WINS, NetBIOS broadcasts,
and DNS. NetBIOS over TCP is documented in RFC 1001 (Concepts and methods) and RFC 1002
(Detailed specifications).
</P
></LI
><LI
><P
> W2K: Acronym for Windows 2000 Professional or Server
</P
></LI
><LI
><P
> W3K: Acronym for Windows 2003 Server
</P
></LI
></UL
><P
>If you plan on getting help, make sure to subscribe to the Samba Mailing List (available at
http://www.samba.org). Optionally, you could just search mailing.unix.samba at http://groups.google.com</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN91"
>1.3. Related Projects</A
></H1
><P
>Currently, there are two projects that are directly related to Samba: SMBFS and CIFS network
client file systems for Linux, both available in the Linux kernel itself.</P
><P
></P
><UL
><LI
><P
> SMBFS (Server Message Block File System) allows you to mount SMB shares (the protocol
that Microsoft Windows and OS/2 Lan Manager use to share files and printers
over local networks) and access them just like any other Unix directory. This is useful
if you just want to mount such filesystems without being a SMBFS server.
</P
></LI
><LI
><P
> CIFS (Common Internet File System) is the successor to SMB, and is actively being worked
on in the upcoming version of the Linux kernel. The intent of this module is to
provide advanced network file system functionality including support for dfs (heirarchical
name space), secure per-user session establishment, safe distributed caching (oplock),
optional packet signing, Unicode and other internationalization improvements, and optional
Winbind (nsswitch) integration.
</P
></LI
></UL
><P
>Again, it's important to note that these are implementations for client filesystems, and have
nothing to do with acting as a file and print server for SMB/CIFS clients.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN100"
>1.4. SMB Methodology</A
></H1
><P
>Traditionally, SMB uses UDP port 137 (NetBIOS name service, or netbios-ns),
UDP port 138 (NetBIOS datagram service, or netbios-dgm), and TCP port 139 (NetBIOS
session service, or netbios-ssn). Anyone looking at their network with a good
packet sniffer will be amazed at the amount of traffic generated by just opening
up a single file. In general, SMB sessions are established in the following order:</P
><P
></P
><UL
><LI
><P
> "TCP Connection" - establish 3-way handshake (connection) to port 139/tcp
or 445/tcp.
</P
></LI
><LI
><P
> "NetBIOS Session Request" - using the following "Calling Names": The local
machine's NetBIOS name plus the 16th character 0x00; The server's NetBIOS
name plus the 16th character 0x20
</P
></LI
><LI
><P
> "SMB Negotiate Protocol" - determine the protocol dialect to use, which will
be one of the following: PC Network Program 1.0 (Core) - share level security
mode only; Microsoft Networks 1.03 (Core Plus) - share level security
mode only; Lanman1.0 (LAN Manager 1.0) - uses Challenge/Response
Authentication; Lanman2.1 (LAN Manager 2.1) - uses Challenge/Response
Authentication; NT LM 0.12 (NT LM 0.12) - uses Challenge/Response
Authentication
</P
></LI
><LI
><P
> SMB Session Startup. Passwords are encrypted (or not) according to one of
the following methods: Null (no encryption); Cleartext (no encryption); LM
and NTLM; NTLM; NTLMv2
</P
></LI
><LI
><P
> SMB Tree Connect: Connect to a share name (e.g., \\servername\share); Connect
to a service type (e.g., IPC$ named pipe)
</P
></LI
></UL
><P
>A good way to examine this process in depth is to try out SecurityFriday's SWB program
at http://www.securityfriday.com/ToolDownload/SWB/swb_doc.html. It allows you to
walk through the establishment of a SMB/CIFS session step by step.</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN115"
>1.5. Additional Resources</A
></H1
><P
></P
><UL
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>CIFS: Common Insecurities Fail Scrutiny</I
></SPAN
> by "Hobbit",
http://hr.uoregon.edu/davidrl/cifs.txt
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Doing the Samba on Windows</I
></SPAN
> by Financial Review,
http://afr.com/it/2002/10/01/FFXDF43AP6D.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Implementing CIFS</I
></SPAN
> by Christopher R. Hertel,
http://ubiqx.org/cifs/
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Just What Is SMB?</I
></SPAN
> by Richard Sharpe,
http://samba.anu.edu.au/cifs/docs/what-is-smb.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Opening Windows Everywhere</I
></SPAN
> by Mike Warfield,
http://www.linux-mag.com/1999-05/samba_01.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SMB HOWTO</I
></SPAN
> by David Wood,
http://www.tldp.org/HOWTO/SMB-HOWTO.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SMB/CIFS by The Root</I
></SPAN
> by "ledin",
http://www.phrack.org/phrack/60/p60-0x0b.txt
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>The Story of Samba</I
></SPAN
> by Christopher R. Hertel,
http://www.linux-mag.com/1999-09/samba_01.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>The Unofficial Samba HOWTO</I
></SPAN
> by David Lechnyr,
http://hr.uoregon.edu/davidrl/samba/
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Understanding the Network Neighborhood</I
></SPAN
> by Christopher R. Hertel,
http://www.linux-mag.com/2001-05/smb_01.html
</P
></LI
><LI
><P
> <SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Using Samba as a PDC</I
></SPAN
> by Andrew Bartlett,
http://www.linux-mag.com/2002-02/samba_01.html
</P
></LI
></UL
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN151"
>1.6. Epilogue</A
></H1
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>"What's fundamentally wrong is that nobody ever had any taste when they
did it. Microsoft has been very much into making the user interface look good,
but internally it's just a complete mess. And even people who program for Microsoft
and who have had years of experience, just don't know how it works internally.
Worse, nobody dares change it. Nobody dares to fix bugs because it's such a
mess that fixing one bug might just break a hundred programs that depend on
that bug. And Microsoft isn't interested in anyone fixing bugs -- they're interested
in making money. They don't have anybody who takes pride in Windows 95 as an
operating system.</I
></SPAN
></P
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>People inside Microsoft know it's a bad operating system and they still
continue obviously working on it because they want to get the next version out
because they want to have all these new features to sell more copies of the
system.</I
></SPAN
></P
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>The problem with that is that over time, when you have this kind of approach,
and because nobody understands it, because nobody REALLY fixes bugs (other than
when they're really obvious), the end result is really messy. You can't trust
it because under certain circumstances it just spontaneously reboots or just
halts in the middle of something that shouldn't be strange. Normally it works
fine and then once in a blue moon for some completely unknown reason, it's dead,
and nobody knows why. Not Microsoft, not the experienced user and certainly
not the completely clueless user who probably sits there shivering thinking
"What did I do wrong?" when they didn't do anything wrong at all.</I
></SPAN
></P
><P
><SPAN
CLASS="emphasis"
><I
CLASS="EMPHASIS"
>That's what's really irritating to me."</I
></SPAN
></P
><P
>-- Linus Torvalds, from an interview with BOOT Magazine, Sept 1998
(http://hr.uoregon.edu/davidrl/boot.txt)</P
></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN162"
>1.7. Miscellaneous</A
></H1
><P
>This chapter was lovingly handcrafted on a Dell Latitude C400 laptop running Slackware Linux 9.0,
in case anyone asks.</P
><P
>This chapter is Copyright © 2003 David Lechnyr (david at lechnyr dot com).
Permission is granted to copy, distribute and/or modify this document under the terms
of the GNU Free Documentation License, Version 1.2 or any later version published by the Free
Software Foundation. A copy of the license is available at http://www.gnu.org/licenses/fdl.txt.</P
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="samba-howto-collection.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="install.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>General installation</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="introduction.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>How to Install and Test SAMBA</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
|