The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 netbios-ssn
Author: Isaac 
Date:   15-01-03 20:43

I was checking up on my box today from work and noticed somthing that I didn't understand. I rand the command "netstat -al" and saw the following line:

tcp4 0 0 209-6-23-76.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.netbios-ssn ppp-62-10-69-78.dialup.tiscali.it.2887 ESTABLISHED

What does this mean? Has somone actually connected to my box without permission? I ran the "who" command and didn't see anyone logged in other than my self. A few mins later running "netstat -al" no longer returned this line. If anyone could explane or point me tward a source to read up on this that would be great.

Thanks,
Isaac

Reply To This Message
 
 Re: netbios-ssn
Author: Isaac 
Date:   15-01-03 20:44

BTW I can't spell today :)

Reply To This Message
 
 Re: netbios-ssn
Author: .daniel.schrock 
Date:   16-01-03 01:55

netbios-ssn is used by samba. you should not allow samba to listen on a public address and should always require login...
you may have guest access enabled which allowed the user in.

here is what my testing revealed:

19:53:59:d_jab@aluminum (/dev/ttyp2): 1 ~
>> smbclient \\\\209.6.23.76\\
added interface ip=192.168.23.200 bcast=192.168.23.255 nmask=255.255.255.0
added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
Password:
Anonymous login successful
Domain=[HOME] OS=[Unix] Server=[Samba 2.2.6]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

no password given, just pressed enter.

Reply To This Message
 
 Re: netbios-ssn
Author: Isaac 
Date:   16-01-03 02:03

The strange thing is in my smb.conf file I have the "interfaces" line set to fpx0 which is my internal card. I've disabled sambe untill I get my hands on a book. Thanks though Daniel.

Isaac

Reply To This Message
 
 Re: netbios-ssn
Author: .daniel.schrock 
Date:   16-01-03 03:02

the interfaces directive should contain the subnet the interface is on, not the card itself.
the hosts allow directive can further refine this definition.

<b>
interfaces = 192.168.0.0/255.255.255.0 127.0.0.1
</b>

Reply To This Message
 
 Re: netbios-ssn
Author: Isaac 
Date:   16-01-03 03:45

Oh crap I'm stupid!

Reply To This Message
 
 Re: netbios-ssn
Author: Isaac 
Date:   17-01-03 15:04

Daniel, can you tell me what you did to perform that test so I can check to see if I've still left things open?

Thanks,
Isaac

Reply To This Message
 
 Re: netbios-ssn
Author: .daniel.schrock 
Date:   18-01-03 02:25

19:53:59:d_jab@aluminum (/dev/ttyp2): 1 ~
>> smbclient \\\\209.6.23.76\\
added interface ip=192.168.23.200 bcast=192.168.23.255 nmask=255.255.255.0
added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
Password:
Anonymous login successful
Domain=[HOME] OS=[Unix] Server=[Samba 2.2.6]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME

no password given, just pressed enter.


smbclient comes with samba and this test will work from your local system.

you want samba listening on the private interface so smbclient \\\\privateipaddr\\ should allow you to login

smbclient \\\\publicipaddress\\ should not allow you to login.

Reply To This Message
 
 Re: netbios-ssn
Author: Isaac 
Date:   20-01-03 16:14

Are you still able to access?

Reply To This Message
 
 Re: netbios-ssn
Author: .daniel.schrock 
Date:   20-01-03 21:46

nope!

15:14:56:d_jab@aluminum (/dev/ttyp0): 2 ~
>> smbclient \\\\209.6.23.76\\
added interface ip=192.168.23.200 bcast=192.168.23.255 nmask=255.255.255.0
added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
session request to 209.6.23.76 failed (Not listening for calling name)
session request to 209 failed (Not listening for calling name)
session request to *SMBSERVER failed (Not listening for calling name)

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org