smbwrapper use of port 139 vs 445... Ok to force to 139?

Steve Langasek vorlon at netexpress.net
Mon Dec 23 20:59:00 GMT 2002 

On Mon, Dec 23, 2002 at 03:53:08PM -0500, Derrell.Lipman at UnwiredUniverse.com wrote:

>> For the purposes of getting a browse list, connecting to port 139 is a
>> must.  There are ways to get the equivalent of a browse list via AD, but
>> I don't think it's LDAP-only, so port 445 doesn't even do any good in
>> this regard.

>> For the actual enumeration of and connecting to shares, port 445 is
>> likely to give some performance increase due to the lower protocol
>> overhead.  You can also configure newer Windows machines (XP at least) to
>> *not* support NetBIOS at all, in which case they'll only be listening on
>> port 445.  OTOH, there are also plenty of older machines (NT4 and below)
>> that are 139-only.

> If an XP or other "new" machine is configured to not support port 139, and it
> becomes a master browser then how would one get the browse list?

If NetBIOS is disabled, the machine won't participate in browse
elections, so it will never become the master browser.

If NetBIOS is enabled, I believe that AD-aware machines are given a
slight edge (in the form of the 'os level' option) in the browse
election.

>> Theoretically, it might be optimal to use port 139 to collect browse
>> lists, and then use 445-else-139 for everything else.  Barring that, I
>> think 139-else-445 would be the best option.

> This may be possible to do.  The function where cli_initialize() and
> cli_connect() are called, is passed a server name and a share name.  The share
> name seems to be IPC$ for every call I've seen into here, but is likely a
> "real" share name when opening a regular file.  I have occasionally seen a
> server name of IPC$ as well.  I suppose I could trace and determine which case
> is caused by which type of enumeration.  Do you know offhand in which case(s)
> of server and share names I'm looking for a browse list?  What if I do
> 139-else-445 if share is IPC$, and do 445-else-139 otherwise?

AFAIK, the share name will always be IPC$ for server enumeration, but I
don't know what other side effects this approach might have.  Certainly,
the IPC$ share name would be used for other things which are not
NetBIOS-dependent.

-- 
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20021223/9767544f/attachment.bin

More information about the samba-technical mailing list