messenger service...
Christopher R. Hertel
crh at ubiqx.mn.org
Mon Jun 16 22:27:19 GMT 2003
On Tue, Jun 17, 2003 at 01:01:27AM +0300, Eugen SAVIN wrote:
> Hello,
>
> > Hmmm... It looks as though we are talking about two different types of
> > messenger service (which is not surprising in the Windows world). The
> > error message you are reporting is a DCE/RPC error message, which means
> > that you're using RPC for this connection (port 135, perhaps?). I'm
> > digging into the older Messenger Service system. Very different.
> >
> > Sorry for the confusion.
>
> My mistake if I did not specified the port number. Yes, it is indeed the
> DCE/RPC protocol.
> If I get a reponse, that means some services must be listening on the port
> 135.
Port 135 runs the DCE endpoint resolution so, even if the endpoint itself
is not there, the endpoint mapper will probably respond. I'm guessing on
that, though. I am not up-to-speed on MS-RPC yet.
> I also believe that some of the service packs (the computer I have tried to
> send the message is a Win NT 4) rejects the message if they do
> not have the interface you're sending the message to.
Probably. I also know that you can disable specific services, such as the
RPC Messenger Service, even though MS-RPC is still running. Jean-Baptiste
Marchand wrote up some docs on this. See:
http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html
> The interface is hard coded in the program, it works ok with some 2000 and
> XP machines and also fails on some. What I can tell you for sure, is that
> the one which fails is a NT machine.
> There is no rule so that I can find out what is happening.
Which suggests per-machine configuration...
> Does the "net send" command use the NMB protocol, first queries the port 137
> in order to get the computer name and services, and after that sends the
> message via port 139? I guess the net send is not using the port 135
> anymore, isn't it ?
The 'net send' command uses old NBT-based protocols. If it is sending a
group message (to all users in a domain, for example) it will broadcast a
UDP datagram (port 138/UDP). Since it is broadcast, no name lookup is
needed. If the message is directed at a specific machine or user then a
name lookup is performed (port 137/UDP), after which an SMB session is
established (SMB over NBT via port 139/TCP).
One annoyance of the NBT-based Messanger Service is that the message may
be delivered with no errors reported but, if WinPopup isn't running, the
message will never be delivered.
I *think* that Win/9x and ME will only handle the older WinPopup-style NBT
messages, and not the newer RPC-based. If that's true, then there is
nothing available that will reliably deliver pop-up message to end users.
This would be the worst possible combination because it would mean that
popup-spammers have a tool they can use to hit a large population while
system administrators have nothing to use to get their message out
reliably.
Worth further investigation.
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical
mailing list