HOWTO add static entries to WINS?

[Christopher R. Hertel]

> > It seemed to work for me, but I must say that I didn't look at the code to
> > expire WINS entries, so that may still be a problem.
> 
> Could a samba guru comment? ;)

I believe that if you look deeply into the code you will find that a 
value of either 0 or -1 means 'infinite'.  It has been a long time since 
I looked at it so I may be wrong.

> Also would that small patch make it to the src trees?

Not likely.  The LMHosts file is used for local name resolution only. 
That is, the client uses LMHosts to to find services which the normal name
resolution mechanism fails to find.  What you are doing is different.  I
am familiar with the problem, though, having given it a lot of thought
about four years ago. 

If I understand this thread correctly, what you want to do is to 'lock' 
the mapping between a set of names and a set of IPs so that only the 
given IP can register and use the given name.  This might be done by 
pre-loading the WINS database with those mappings, as you are doing, 
assuming that all clients are in either P or H mode (both of which rely 
on the NBNS server to resolve names).

> > I'm also not sure if it actually gives you any more security like the
> > documentation says it does.
> 
> Why not? At least the IP address is secured now. Although it may be spoofed
> by other means, a hacker has more obstacles now.

What this basically does is prevent NBNS (WINS) pollution.  If I ever get 
around to doing another overhaul of the nmbd I will consider a mechanism 
for doing this.

Chris -)-----

-- 
Christopher R. Hertel -)-----                   University of Minnesota
crh at nts.umn.edu              Networking and Telecommunications Services

    Ideals are like stars; you will not succeed in touching them
    with your hands...you choose them as your guides, and following
    them you will reach your destiny.  --Carl Schultz