IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Windows vX.X Forum / Re: What?
Post #135,608
by deSitter
Picture of deSitter
1/14/04 4:25:01 AM
Reply
New Re: What?
Computers with shares to "Everyone" get included in NBT broadcast (browse) lists all over. If you set permissions on a share, you can restrict it to being advertised to a local workgroup or a single domain. If there are thousands of computers in a complex domain structure with a default "Everyone" share being advertised (e.g. a local printer), it's easy to generate a shitload of NBT traffic. I don't know if a pure AD setup had this problem but I suspect AD comes after for compatibility reasons.
-drl
Post #135,616
by pwhysall
Picture of pwhysall
1/14/04 7:04:15 AM
Reply
New All computers get included in browse lists...
...and no, you can't restrict where a share gets advertised to. Sorry.

Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home Page - Now with added Zing!]
Post #135,643
by deSitter
Picture of deSitter
1/14/04 9:19:03 AM
Reply
New Seen with own eyes
Company had a large complex domain structure for NT 4 network. Workstations all (clone) installed with a "DATA" share by accident. Getting a net neighborhood to pop up took forever - the data shares were all removed (SMS script) and browsing went to normal.

Yes, you'll always all computers in a browse list, but that is a different matter (WINS). To see what I am talking about, try to connect to a printer on some remote domain to which you can authenticate. After a couple of seconds of thinking, you'll see a list of only those computers that have advertised printers. WINS will trade its list of machines with other WINS servers, but advertised shares stop at the domain unless otherwise instructed (at the "domain master browser"). This is called "m-mode" resolution - the local domain controller is asked about remote shares instead of contacting the remote controller on the domain where the share lives - that is, leave it up to local WINS and the domain trusts. Basically, NetBIOS name resolution is a complex disaster because unless you explicity tell all the machines how to behave, they all shout at each other constantly.

NetBIOS is not routable but NBT is, because it is encapsulated in IP (we've had this argument before). The issue is WINS, not routability.
-drl
Post #135,680
by pwhysall
Picture of pwhysall
1/14/04 11:37:22 AM
1/14/04 11:39:10 AM
Reply
New You're making it up.

Table 9.1 NetBIOS Node Types

\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n
Node TypeDescription
B-node (broadcast)B-node uses broadcast NetBIOS name queries for name registration and resolution. B-node has two major problems: (1) Broadcasts disturb every node on the network. (2) Routers typically do not forward broadcasts, so only NetBIOS names on the local network can\r\nbe resolved.
P-node (peer_peer) P-node uses a NetBIOS name server, such as a WINS server, to resolve NetBIOS names. P-node does not use broadcasts; instead, it queries the name server directly.
M-node (mixed)M-node is a combination of B-node and P-node. By default, an M-node functions as a B-node. If an M-node is unable to resolve a name by broadcast, it queries a NetBIOS name server using\r\nP-node.
H-node (hybrid)H-node is a combination of P-node and B-node. By default, an H-node functions as a P-node. If an H-node is unable to resolve a name through the NetBIOS name server, it uses a broadcast to resolve the name.
\r\n

\r\nFrom [link|http://www.microsoft.com/mspress/books/sampchap/4245.asp#5|http://www.microsoft...mpchap/4245.asp#5]\r\n

\r\n

\r\nI'm nobody's fool but mine, Ross :)\r\n


Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home Page - Now with added Zing!]
Expand Edited by pwhysall Jan. 14, 2004, 11:39:10 AM EST
Expand All History
Post #135,702
by deSitter
Picture of deSitter
1/14/04 1:12:40 PM
1/14/04 1:15:01 PM
Reply
New OK H mode
It's been a while since the NT 3.51 tests :)

In any case you know what I meant, but thanks for going into C-mode:

C mode: When a forumer's memory has holes, Peter will switch into C-mode or "correction" mode, in which vast amounts of MCSE study bits will be searched for terminology :)
-drl
Expand Edited by deSitter Jan. 14, 2004, 01:15:01 PM EST
Expand All History
Post #135,618
by pwhysall
Picture of pwhysall
1/14/04 7:06:33 AM
Reply
New Also....
...NBT broadcasts stop at the router.

Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home Page - Now with added Zing!]
Post #135,649
by folkert
Picture of folkert
1/14/04 9:36:44 AM
Reply
New Unless you do - Remote Announce
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey

"Lately, The only thing keeping me from being a
  Serial Killer is my distaste for manual labor."
-- Dilbert Calendar, January 4, 2004
     Active Directory for Win2K question - (boxley) - (14) - Dec. 18, 2003, 01:05:26 PM EST
         Difference between share and security permissions - (Silverlock) - Dec. 18, 2003, 02:22:06 PM EST
         Yes. - (qstephens) - (12) - Jan. 13, 2004, 04:15:00 PM EST
             Share vs File perms - (pwhysall) - (11) - Jan. 13, 2004, 04:35:37 PM EST
                 Re: Share vs File perms - (deSitter) - (9) - Jan. 14, 2004, 03:48:14 AM EST
                     What? - (pwhysall) - (7) - Jan. 14, 2004, 03:57:44 AM EST
                         Re: What? - (deSitter) - (6) - Jan. 14, 2004, 04:25:01 AM EST
                             All computers get included in browse lists... - (pwhysall) - (3) - Jan. 14, 2004, 07:04:15 AM EST
                                 Seen with own eyes - (deSitter) - (2) - Jan. 14, 2004, 09:19:03 AM EST
                                     You're making it up. - (pwhysall) - (1) - Jan. 14, 2004, 11:39:10 AM EST
                                         OK H mode - (deSitter) - Jan. 14, 2004, 01:15:01 PM EST
                             Also.... - (pwhysall) - (1) - Jan. 14, 2004, 07:06:33 AM EST
                                 Unless you do - Remote Announce -NT - (folkert) - Jan. 14, 2004, 09:36:44 AM EST
                     It's not a compromise - (Arkadiy) - Jan. 14, 2004, 08:37:08 AM EST
                 Grammar Nazi? Depends what the meaning of 'is' is... (new thread) - (CRConrad) - Jan. 14, 2004, 04:10:41 AM EST

We come here for the righteous indignation and hilarity that follows.
61 ms