[Samba] Firewall piercing - The Specified network name is no
longer available.
JLB
jlb at twu.net
Wed Feb 9 21:08:07 GMT 2005
So am I correct in assuming nobody has any further suggestions?
Is there at least a way to get the damned thing to LOG PROPERLY?
Is there a way to talk "raw SMB" by telnetting into the port and typing,
like how one can speak "raw SMTP" by telnetting to port 25? I need a way
of diagnosing the problem.
Is there a simple Perl script out somewhere that simply attempts to
connect to a SMB/CIFS share and returns detailed information
on what's going on? E.g.:
> Trying to connect to 1.2.3.4 on port 139...
> SUCCESS
>
> Trying to query list of shares...
> SUCCESS
>
> Trying to connect to share FOO...
> FAILED; error code returned is 862 ("Bad Foo or Bar")
I need a way to DIAGNOSE this problem.
On Wed, 9 Feb 2005, JLB wrote:
> Date: Wed, 9 Feb 2005 10:20:09 -0500 (EST)
> From: JLB <jlb at twu.net>
> To: Aaron J. Zirbes <ajz at cccs.umn.edu>
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Firewall piercing - The Specified network name is no
> longer available.
>
> On Wed, 9 Feb 2005, Aaron J. Zirbes wrote:
>
> > Date: Wed, 09 Feb 2005 09:16:46 -0600
> > From: Aaron J. Zirbes <ajz at cccs.umn.edu>
> > To: JLB <jlb at twu.net>
> > Cc: samba at lists.samba.org
> > Subject: Re: [Samba] Firewall piercing - The Specified network name is no
> > longer available.
> >
> > JLB wrote:
> > > I've already set up zero-install Web-based telnet, zero-install Web-based
> > > MP3 players... I even concocted a zero-install CygWin workalike and
> > > keep it on my keychain USB drive... now I need a zero-install way to
> > > access my files via Windows machines. And that means SMB. NOT OpenVPN,
> > > OpenSSH, OpenVMS or any other "Open".
> >
> >
> > WinSCP is a MUCH better way to go for this type of thing. ...And it can
> > be zero-install.
> >
> > FYI, this will need to connect to an SSH server,
>
> ...I know what WinSCP is, and I certainly know how it works ;)
>
> > and if you're running
> > OpenBSD... (one of the Opens... hehe) it will be probably be via
> > OpenSSH... (another "Open")
> >
> > b.t.w., I'm also curious why you threw that "OpenVMS" in there with
> > OpenSSH and OpenVPN? OpenVMS is an operating system typically run on
> > Digital hardware.
>
> Just because it began with "Open" and ended in a three-letter acronym. Had
> I been able to think of another, fourth such word, I would have tossed it
> in as well ;)
>
> >
> > P.S. If you don't want any "Open" software, may I ask why you are
> > running OpenBSD?
>
> It was merely a play on words.
> I happen to LIKE the "Open" software.
> However, typical Windows-running people (who get skittish enough when you
> simply open a command prompt window, thinking you're "hacking") make my
> job more difficult by creating a situation in which things go much more
> smoothly when I don't have to install ANYTHING, much less some open-source
> software that'll creep them out.
>
> (N.b. in some situations, installing open-source/free software on Windows
> boxes run by F/OSS-phobic Windows types makes a lot more sense than NOT
> doing so... e.g. I am about to half-heartedly start a project for people
> to install FireFox on Windows users' computers, sometimes without their
> knowledge, but that's due to the impact of spambot-infested Windows boxes
> on the Internet at large, and the global impact of productivity lost to
> the slowdowns caused by spyware)
>
> >
> >
> > --
> > Aaron Zirbes
> > Systems Administrator
> > Environmental Health Sciences
> > University of Minnesota
> >
> >
> > JLB wrote:
> > > On Wed, 9 Feb 2005, Paul Gienger wrote:
> > >
> > >
> > >>Date: Wed, 09 Feb 2005 08:54:57 -0600
> > >>From: Paul Gienger <pgienger at ae-solutions.com>
> > >>To: JLB <jlb at twu.net>
> > >>Cc: samba at lists.samba.org
> > >>Subject: Re: [Samba] Firewall piercing - The Specified network name is no
> > >> longer available.
> > >>
> > >>
> > >>
> > >>>I'm trying to set up one of my Unix machines at home so I can access my
> > >>>stuff there via SMB from the Internet at large (read: from Windows-using
> > >>>clients').
> > >>>
> > >>>
> > >>
> > >>Are you saying that you're trying to allow access from 'random internet
> > >>user'(which is probably you) directly to your samba machine? You will
> > >>have problems with this if it is what you're doing.
> > >>
> > >>1. because you may have a default filter on your firewalls that block it
> > >>from traversing, although I think most sane manufacturers took this rule
> > >>off now
> > >
> > >
> > > I already poked and prodded at all such filters. They seem off now.
> > >
> > >
> > >>2. because your ISP probably blocks/filters those ports.
> > >
> > >
> > > They don't.
> > >
> > >
> > >>3. because it's a Bad Thing (TM)(R)(C)
> > >
> > >
> > > The chance of any random joker stumbling upon a dynamically allocated IP
> > > and h4x0ring into a password-protected share on a SPARC64 machine running
> > > OpenBSD with a recent version of Samba is ....
> > >
> > > ....slim.
> > >
> > >
> > >>Spend a little time and set up a vpn endpoint on your box and just
> > >>forward the necessary ports over, i think openvpn is 5000. You'll be
> > >>much happier, sane, and protected as such.
> > >
> > >
> > > And I will make use of this on client machines with strict "Thou Shalt Not
> > > Install any Unauthorized Software" policies... how?
> > >
> > > I've already set up zero-install Web-based telnet, zero-install Web-based
> > > MP3 players... I even concocted a zero-install CygWin workalike and
> > > keep it on my keychain USB drive... now I need a zero-install way to
> > > access my files via Windows machines. And that means SMB. NOT OpenVPN,
> > > OpenSSH, OpenVMS or any other "Open".
> > >
> > >
> > >>>I'm behind two NATting devices-- the lame-p Prestige DSL modem provided by
> > >>>Sprint DSL (a.k.a. Earthlink?) and a more typical home DSL/cable gateway
> > >>>device.
> > >>>
> > >>>I've poked holes in BOTH of these devices on ports 137, 138, 139 AND 445.
> > >>>Only port 139 actually responds to TCP connections (well, only port 139
> > >>>accepts a telnet, even from localhost.
> > >>>
> > >>>See:
> > >>>
> > >>>--------------------------------------------------------------------------
> > >>>-bash-2.05b# telnet localhost 137
> > >>>Trying ::1...
> > >>>telnet: connect to address ::1: Connection refused
> > >>>Trying 127.0.0.1...
> > >>>telnet: connect to address 127.0.0.1: Connection refused
> > >>>-bash-2.05b# telnet localhost 138
> > >>>Trying ::1...
> > >>>telnet: connect to address ::1: Connection refused
> > >>>Trying 127.0.0.1...
> > >>>telnet: connect to address 127.0.0.1: Connection refused
> > >>>-bash-2.05b# telnet localhost 139
> > >>>Trying ::1...
> > >>>telnet: connect to address ::1: Connection refused
> > >>>Trying 127.0.0.1...
> > >>>Connected to localhost.
> > >>>Escape character is '^]'.
> > >>>^]
> > >>>telnet> close
> > >>>Connection closed.
> > >>>-bash-2.05b# telnet localhost 445
> > >>>Trying ::1...
> > >>>telnet: connect to address ::1: Connection refused
> > >>>Trying 127.0.0.1...
> > >>>telnet: connect to address 127.0.0.1: Connection refused
> > >>>--------------------------------------------------------------------------
> > >>>
> > >>>It should go without saying that this machine's Samba shares work
> > >>>PERFECTLY WELL within the LAN. ;)
> > >>>
> > >>>Now, from the outside, I can telnet to port 139 on the machine just fine,
> > >>>through both NAT devices. However, when I go Start, Run,
> > >>>\\x.y.z.a\sharename (where "x.y.z.a" is the IP address-- not the FQDN-- of
> > >>>the machine), Windows vomits up this unhelpful message:
> > >>>
> > >>>
> > >>>--------------------------------------------------
> > >>>\\x.y.z.a\sharename
> > >>>The specified network name is no longer available.
> > >>>--------------------------------------------------
> > >>>
> > >>>See:
> > >>>
> > >>>http://jlb.twu.net/tmp/unhelpful.png
> > >>>
> > >>>Any ideas? The client machine runs Windows 2000 Pro.
> > >>>
> > >>>--
> > >>>J. L. Blank, Systems Administrator, twu.net
> > >>>
> > >>>
> > >>
> > >>--
> > >>--
> > >>Paul Gienger Office: 701-281-1884
> > >>Applied Engineering Inc.
> > >>Systems Architect Fax: 701-281-1322
> > >>URL: www.ae-solutions.com mailto: pgienger at ae-solutions.com
> > >>
> > >>
> > >>
> > >
> > >
> > > --
> > > J. L. Blank, Systems Administrator, twu.net
> >
> > --
> > Aaron Zirbes
> > Systems Administrator
> > Environmental Health Sciences
> > University of Minnesota
> > ajz at umn.edu
> > 612-625-3460
> >
>
> --
> J. L. Blank, Systems Administrator, twu.net
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
--
J. L. Blank, Systems Administrator, twu.net
More information about the samba
mailing list