wxp SP2 host responds to "nmblookup HOST" but not "nmblookup *"
David Wuertele
dave-gnus at bfnet.com
Tue Dec 28 18:52:03 GMT 2004
Executive summary: Is there some other method to enumerate all SMB
hosts on a LAN than a wildcard NBT node status query to the broadcast
address?
I am trying to automate the enumeration of available shares on my LAN.
In the process, I enumerate the SMB servers by doing a broadcast
query. The assumption is that if the Windows host is node type B,M,
or H, it will respond. However, I have found some hosts that don't
respond to the wildcard query even if they are in M or H mode.
Example: Windows XP host "DAVE" is Node Type "Hybrid" and has IP
address 192.168.0.7. Firewalling is completely turned off. On a
linux box on the same LAN, I type
# nmblookup '*'
creating lame upcase table
creating lame lowcase table
querying * on 192.168.0.255
192.168.0.15 *<00>
#
Apparently nmblookup found another WXP host --- but not "DAVE". Why
not? When I ask for "DAVE" by name, he answers:
# nmblookup 'DAVE'
creating lame upcase table
creating lame lowcase table
querying DAVE on 192.168.0.255
192.168.0.7 DAVE<00>
#
When I query DAVE by his IP address, I also get a response:
# nmblookup -A 192.168.0.7
creating lame upcase table
creating lame lowcase table
Looking up status of 192.168.0.7
DAVE <00> - M <ACTIVE>
BOGUSWORKGROUP <00> - <GROUP> M <ACTIVE>
DAVE <20> - M <ACTIVE>
BOGUSWORKGROUP <1e> - <GROUP> M <ACTIVE>
MAC Address = 00-04-76-DA-6A-C3
#
But I can't query by name or by address, because those are the unknown
things I'm trying to discover in the first place! The wildcard
broadcast query has always worked before... I wonder if SP2 has
changed something?
Looking into the source for nmblookup, it is calling
namequery.c:node_status_query(), which does a NBT node status query.
Is there some other method to discover SMB hosts than a wildcard NBT
node status query to the broadcast address?
Thanks,
Dave
More information about the samba-technical
mailing list