lsarpcd

Andrew Tridgell tridge at linuxcare.com
Fri Dec 17 05:05:10 GMT 1999


> 1) it binds to 0.0.0.0 because nmb-agent sends UDP 137 packets on behalf
> of the nmb-agent-clients.

which means it can get packets from any machine. nasty.

> 2) this is a first implementation.  second implementation will bind to
> individual "interfaces", just like nmbd does, maintaining a socket array
> of interface-137 ports.

nope, that doesn't help.

> can you or someone else fix some of these for me as i don't have the kinds
> of experience to deal with this stuff.  plus, it's a critical area that
> i'm using in all of the unix socket code, so i kind of need it!!!!

fix it by not doing nmb-agent. 

> ..therefore you can DOS nmbd by sending it partial packets, so we should
> fix receive_packet() and send_packet() to be more robust.

nope, nmbd uses a DGRAM interface and nmb-agent uses a STREAM
interface. That makes all the difference.

> i'm relying on you and other people to make sure i don't try anything
> stupid :)

I'm trying, but its hard work convincing you of some stuff.



More information about the samba-technical mailing list