Seem the same logic tridge and abartlet found about authentication against w2k. Seem a childish way to avoid possible DoS oir something like that. If you have not finished authentication and the same client issue a second request, w2k drops the connection. And if I remember correctly, this happens at the TCP/IP stack level not even at the NetBIOS one.
Simo. On Thu, 2002-08-01 at 20:24, Christopher R. Hertel wrote: > On Fri, Aug 02, 2002 at 04:49:55AM +0930, Richard Sharpe wrote: > : > > It's the NegProt. Once the first NegProt is issued on any open TCP > > connection, all the others get RSTs if they have not got past that point. > > It is bizare. They come from another planet, I tell you. > > Odd. Are these all connections from the same client? If not, then it's > definitely a bug. You'd have only one client able to connect at a time... > > If it only happens across multiple connections from the same client, then > it makes a kind of twisted sense. Microsoft may assume (since, as I > understand it, their software works this way) that there will be only one > TCP connection per SMB client system. I think that the SMB session is > handled within the OS on Windows boxes, so only one TCP connection is > needed, and therefore only one NegProt will be sent. > > I'm already several guesses deep, but if the server gets a new NegProt > from the same client, it may assume that the other connections are now > bogus. W2K expects other Windows systems to be its clients, so it may > also expect the clients to crash and be rebooted frequently. Given those > assumptions, it makes sense that a new NegProt would be taken by the > server as a signal that the client was rebooted and the other connections > should be dropped. > > It's bogus, but it is the same kind of logic that is behind the VC=0 > reset. > > I wonder what would happen if you simply didn't send the NegProt or > SessionSetup, and just started using a [V]UID from one of the other > sessions... Ooohh. Ouch. > > Chris -)----- > > -- > Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel > jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq. > ubiqx Team -- http://www.ubiqx.org/ -)----- [EMAIL PROTECTED] > OnLineBook -- http://ubiqx.org/cifs/ -)----- [EMAIL PROTECTED] > -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399
signature.asc
Description: This is a digitally signed message part
