Got caught by Samba and Windows NT PDC

Dan Kaminsky effugas at
Wed Jan 20 14:31:15 GMT 1999

----- Original Message -----
From: Gerald Carter <cartegw at>
To: Dan Kaminsky <effugas at>; Samba Technical Development List
<samba-technical at>
Sent: Wednesday, January 20, 1999 5:53 AM
Subject: Re: Got caught by Samba and Windows NT PDC

>Dan Kaminsky wrote:
>> >Yup. Better stop Samba first and then bring up the NT PDC.
>> >We (Luke and Paul Aston i think) found this out in the
>> >beginning.  Kind of a nasty DoS attack from your internal
>> >network. ;)
>> Does this qualify as a true DoS?  Can a *remote* network generate the
>> necessary packets to break an already-activated PDC?
>No.  Not really. But watch out for disgruntled emplyee
>on your subnet. Perhaps registering with the WINS server.
>But these are all internal things assuming you are behind
>a firewall.

Supposing a PDC is already up, can any machine with access to the local
subnet arbitararily crash that PDC by emulating another PDC?  Firewalls
often mean your network is like candy--tough on the outside, but with a
sweet, gooey center.

How does NT react if it starts up and Samba is already doing its job?

More information about the samba-technical mailing list