samba & clients on 2 subnets

Luke Kenneth Casson Leighton lkcl at switchboard.net
Mon Nov 10 21:06:38 GMT 1997


On Tue, 11 Nov 1997, Alan Taylor wrote:

> > and subnet of 255.255.255.0) or is it that we are using the "remote
> > announce" option incorrectly and it should be "remote announce =
> > 128.143.10.255, 128.143.57.255" ? Any ideas on why I sometimes work
> 
> 
> I have a similar problem on AIX 4.2 with 1.9.17p2, so I am interested in
> your findings.  The documentation for smb.conf states that the numbers
> following your "remote announce =" should be the broadcast addresses of the
> remote subnets.  It seems that your original line pointed to your Samba
> server, which is incorrect.  The above line, however, is correct according
> to the documentation.  Please post if you find a resolution to your problem.

"remote announce" is a hang-over from 1.9.15 or earlier which has been 
left in because it does have a practical use.  it also gives me headaches 
just thinking about it.

for full information on browsing, see:

	ftp.microsoft.com/developr/drg/cifs/cifs/cifsbrow.txt.

in it, you will find that it is possible to send UDP "host announcements" 
to a remote network, and have machines "randomly" appearing in your 
network neighbourhood, as a result.

[this was what the security problem with Internet De^H^HExplorer and Netscape
was all about: the remote attacker did a UDP host announcement to your ip
address (\\DUMMYSERVER) - easily obtainable by the attacker - waited for a
few seconds, then invited you to read "http://\\DUMMYSERVER\SHARE\file.html"
by clicking on it.  "oh, look!  we have a host announcement entry for this,
with a valid ip address - the attacking server.  it's also a share, so we
have to make an SMB connection".  and hand over - without permission - your
username and password.  if the attacking server negotiates clear-text 
passwords...]

anyway, "remote announce" can be used to make a server entry appear in a
*remote* - and i do mean *remote* workgroup.  whatever you do, *don't* 
use "remote announce" in your local netbios scope, i.e. within the scope of 
your WINS server.

in other words, if you have browsing problems, first take out the "remote
announce" parameter.  second, take out the "socket address" parameter. 
restart your samba server.  run it for about half an hour.  if you still have
browsing problems, ask on the digest first (give full, relevant details - 
e.g. your smb.conf file) and if that doesn't resolve it, send a report 
to samba-bugs.


regards,

luke



Luke Kenneth Casson Leighton (lkcl at switchboard.net)
Samba Consultancy and Support (http://mailhost.cb1.com/~lkcl)
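
Added example (not part of the original message and not Samba code): a small Python check that reports the two parameters the reply says to take out first, and tests whether each "remote announce" target is a broadcast address, as the quoted documentation summary requires. The sample smb.conf, its addresses, the function names, the default 255.255.255.0 netmask (the mask mentioned in the quoted question) and the acceptance of commas between targets are assumptions.

```python
import ipaddress
import re

# Constructed sample smb.conf; the addresses are illustrative only.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = ENGINEERING
   ; second target is a host address, not a broadcast address
   Remote Announce = 128.143.10.255, 128.143.57.20
   socket address = 128.143.10.5

[homes]
   read only = no
"""

def global_params(text):
    """Return {normalised parameter name: value} for the [global] section."""
    params, section = {}, None
    text = re.sub(r"\\\n", "", text)          # join backslash-continued lines
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            name, value = line.split("=", 1)
            # smb.conf ignores case and whitespace in parameter names
            params["".join(name.lower().split())] = value.strip()
    return params

def audit(text, netmask="255.255.255.0"):
    """List (parameter, value, verdict) for the settings the reply singles out."""
    params, findings = global_params(text), []
    if "socketaddress" in params:
        findings.append(("socket address", params["socketaddress"], "set"))
    for target in re.split(r"[,\s]+", params.get("remoteannounce", "")):
        if not target:
            continue
        addr = target.split("/", 1)[0]        # drop optional /WORKGROUP suffix
        net = ipaddress.ip_network(f"{addr}/{netmask}", strict=False)
        is_bcast = ipaddress.ip_address(addr) == net.broadcast_address
        verdict = "broadcast address" if is_bcast else "not a broadcast address"
        findings.append(("remote announce", target, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SMB_CONF):
        print(*finding, sep=" | ")
```

An empty result from `audit()` means neither parameter is set in `[global]`, which is the starting point the reply recommends before debugging browsing any further.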


