On our Samba server, with snoop I am seeing the following traffic:

  1   0.00000 client1-> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=????????l Error=0 
  8   0.00443      samba-server -> client1SMB R Code=0x32 Name=SMBtrans2 Error=0 
 27   0.01176 client5 -> samba-server      SMB C Code=0x10 Name=SMBchkpth 
File=????????1? Error=0 
 28   0.00016      samba-server -> client5 SMB R Code=0x10 Name=SMBchkpth Error=0 
 46   0.00019 client2 -> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=???????????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 Error=0 
 53   0.00012      samba-server -> client2 SMB R Code=0x32 Name=SMBtrans2 Error=0 
 54   0.00320 client4 -> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=???????l???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 Error=0 
 59   0.00005 client3 -> samba-server      SMB C Code=0x10 Name=SMBchkpth 
File=????????4 Error=0 
 62   0.00006      samba-server -> client3 SMB R Code=0x10 Name=SMBchkpth Error=0 
 63   0.00007      samba-server -> client4 SMB R Code=0x32 Name=SMBtrans2 Error=0 
 64   0.00279 client6 -> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=???????????????�???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 Error=0 
 71   0.00232      samba-server -> client6 SMB R Code=0x32 Name=SMBtrans2 Error=0 
152   0.00164 client7 -> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=?????????????? Error=0 
158   0.00005 client8 -> samba-server      SMB C Code=0x32 Name=SMBtrans2 Findfirst 
File=??????????? Error=0 
160   0.00013      samba-server -> client7 SMB R Code=0x32 Name=SMBtrans2 Error=0 
167   0.00011      samba-server -> client8 SMB R Code=0x32 Name=SMBtrans2 Error=0 
226   0.00213 client1-> samba-server      SMB C Code=0x10 Name=SMBchkpth 
File=????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 Error=0

A search on Google points to one very old document saying that this may be because 
of the W32.HLLW.Qaz trojan. I am not able to find any trojan/virus on the client PCs. Has 
anybody seen this behavior? Is it normal? Any pointers/clues for this will be 
appreciated.

Thanks,


Vinay 
