tridge at linuxcare.com
Fri Dec 17 05:05:10 GMT 1999
> 1) it binds to 0.0.0.0 because nmb-agent sends UDP 137 packets on behalf
> of the nmb-agent-clients.
which means it can get packets from any machine. nasty.
> 2) this is a first implementation. second implementation will bind to
> individual "interfaces", just like nmbd does, maintaining a socket array
> of interface-137 ports.
nope, that doesn't help.
> can you or someone else fix some of these for me as i don't have the kinds
> of experience to deal with this stuff. plus, it's a critical area that
> i'm using in all of the unix socket code, so i kind of need it!!!!
fix it by not doing nmb-agent.
> ..therefore you can DOS nmbd by sending it partial packets, so we should
> fix receive_packet() and send_packet() to be more robust.
nope, nmbd uses a DGRAM interface and nmb-agent uses a STREAM
interface. That makes all the difference.
> i'm relying on you and other people to make sure i don't try anything
> stupid :)
I'm trying, but its hard work convincing you of some stuff.
More information about the samba-technical