The Samba-Bugzilla – Attachment 2863 Details for Bug 4877
[PATCH] Update Samba-3 by Example to refer to Wireshark
[patch] Updates Samba3 by Example to refer to Wireshark
ethereal-to-wireshark.patch (text/plain), 18.86 KB, created by Gerald Combs on 2007-08-12 23:54:25 UTC
>Index: SBE-Appendix2.xml >=================================================================== >--- SBE-Appendix2.xml (revision 1146) >+++ SBE-Appendix2.xml (working copy) 
>@@ -24,33 +24,33 @@ > as well as two Microsoft Windows XP Professional Workstations, each equipped with an Ethernet > card connected using a hub. Also required is one additional server (either Windows > NT4 Server, Windows 2000 Server, or a Samba-3 on UNIX/Linux server) running a network >- sniffer and analysis application (ethereal is a good choice). All work should be undertaken >+ sniffer and analysis application (Wireshark is a good choice). All work should be undertaken > on a quiet network where there is no other traffic. It is best to use a dedicated hub > with only the machines under test connected at the time of the exercises. > </para> > > <para><indexterm> >- <primary>Ethereal</primary> >+ <primary>Wireshark</primary> > </indexterm> >- Ethereal has become the network protocol analyzer of choice for many network administrators. >- You may find more information regarding this tool from the >- <ulink url="http://www.ethereal.com">Ethereal</ulink> Web site. Ethereal installation >- files for Windows may be obtained from the Ethereal Web site. Ethereal is provided with >- SUSE and Red Hat Linux distributions, as well as with many other Linux distributions. It may >- not be installed on your system by default. If it is not installed, you may also need >- to install the <command>libpcap </command> software before you can install or use Ethereal. >- Please refer to the instructions for your operating system or to the Ethereal Web site >- for information regarding the installation and operation of Ethereal. >+ Wireshark (formerly Ethereal) has become the network protocol analyzer of choice for many network administrators. >+ You may find more information regarding this tool from the >+ <ulink url="http://www.wireshark.org">Wireshark</ulink> Web site. Wireshark installation >+ files for Windows may be obtained from the Wireshark Web site. Wireshark is provided with >+ SUSE and Red Hat Linux distributions, as well as with many other Linux distributions. 
It may >+ not be installed on your system by default. If it is not installed, you may also need >+ to install the <command>libpcap</command> software before you can install or use Wireshark. >+ Please refer to the instructions for your operating system or to the Wireshark Web site >+ for information regarding the installation and operation of Wireshark. > </para> > > <para> >- To obtain <command>ethereal</command> for your system, please visit the Ethereal >- <ulink url="http://www.ethereal.com/download.html#binaries">download site</ulink>. >+ To obtain <command>Wireshark</command> for your system, please visit the Wireshark >+ <ulink url="http://www.wireshark.org/download.html">download site</ulink>. > </para> > > <note><para> > The successful completion of this chapter requires that you capture network traffic >- using <command>Ethereal</command>. It is recommended that you use a hub, not an >+ using <command>Wireshark</command>. It is recommended that you use a hub, not an > Ethernet switch. It is necessary for the device used to act as a repeater, not as a > filter. Ethernet switches may filter out traffic that is not directed at the machine > that is used to monitor traffic; this would not allow you to complete the projects. 
>@@ -69,17 +69,17 @@ > </indexterm><indexterm> > <primary>protocol analysis</primary> > </indexterm> >- Please do not be alarmed at the use of a high-powered analysis tool (Ethereal) in this >- primer. We expose you only to a minimum of detail necessary to complete >+ Please do not be alarmed at the use of a high-powered analysis tool (Wireshark) in this >+ primer. We expose you only to a minimum of detail necessary to complete > the exercises. If you choose to use any other network sniffer and protocol > analysis tool, be advised that it may not allow you to examine the contents of > recently added security protocols used by Windows 200x/XP. > </para> > > <para> >- You could just skim through the exercises and try to absorb the key points made. >- The exercises provide all the information necessary to convince the die-hard network >- engineer. You possibly do not require so much convincing and may just want to move on, >+ You could just skim through the exercises and try to absorb the key points made. >+ The exercises provide all the information necessary to convince the die-hard network >+ engineer. You possibly do not require so much convincing and may just want to move on, > in which case you should at least read <link linkend="chap01conc"/>. > </para> > >@@ -94,8 +94,8 @@ > > <para> > The purpose of this chapter is to create familiarity with key aspects of Microsoft Windows >- network computing. If you want a solid technical grounding, do not gloss over these exercises. >- The points covered are recurrent issues on the Samba mailing lists. >+ network computing. If you want a solid technical grounding, do not gloss over these exercises. >+ The points covered are recurrent issues on the Samba mailing lists. > </para> > > <para><indexterm> 
>@@ -142,7 +142,7 @@ > </indexterm> > The networking protocols used by MS Windows networking when working with Samba > use TCP/IP as the transport protocol. The protocols that are specific to Windows >- networking are encapsulated in TCP/IP. The network analyzer we use (Ethereal) >+ networking are encapsulated in TCP/IP. The network analyzer we use (Wireshark) > is able to show you the contents of the TCP/IP packets (or messages). > </para> > >@@ -182,12 +182,12 @@ > <title>Exercises</title> > > <para> >- <indexterm><primary>ethereal</primary></indexterm> >+ <indexterm><primary>wireshark</primary></indexterm> > You are embarking on a course of discovery. The first part of the exercise requires > two MS Windows 9x/Me systems. We called one machine <constant>WINEPRESSME</constant> and the > other <constant>MILGATE98</constant>. Each needs an IP address; we used <literal>10.1.1.10</literal> > and <literal>10.1.1.11</literal>. The test machines need to be networked via a <emphasis>hub</emphasis>. A UNIX/Linux >- machine is required to run <command>Ethereal</command> to enable the network activity to be captured. >+ machine is required to run <command>Wireshark</command> to enable the network activity to be captured. > It is important that the machine from which network activity is captured must not interfere with > the operation of the Windows workstations. It is helpful for this machine to be passive (does not > send broadcast information) to the network. 
>@@ -212,7 +212,7 @@ > <para> > <indexterm><primary>ethereal</primary></indexterm> > The network captures provided on the CD-ROM included with this book were captured using <constant>Ethereal</constant> >- version <literal>0.10.6</literal>. A later version suffices without problems, but an earlier version may not >+ version <literal>0.10.6</literal>. A later version suffices without problems (i.e. you should be using Wireshark), but an earlier version may not > expose all the information needed. Each capture file has been decoded and listed as a trace file. A summary of all > packets has also been included. This makes it possible for you to do all the studying you like without the need to > perform the time-consuming equipment configuration and test work. This is a good time to point out that the value >@@ -231,8 +231,8 @@ > <title>Monitoring Windows 9x Steps</title> > > <step><para> >- Start the machine from which network activity will be monitored (using <command>ethereal</command>). >- Launch <command>ethereal</command>, click >+ Start the machine from which network activity will be monitored (using <command>Wireshark</command>). >+ Launch <command>Wireshark</command>, click > <menuchoice> > <guimenu>Capture</guimenu> > <guimenuitem>Start</guimenuitem> >@@ -240,7 +240,7 @@ > </para> > > <para> >- Click the following: >+ Click the following: > <orderedlist> > <listitem><para>Update list of packets in real time</para></listitem> > <listitem><para>Automatic scrolling in live capture</para></listitem> >@@ -419,7 +419,7 @@ > of various announcements, re-election of a browse master, and name queries. These create > the symphony of announcements by which network browsing is made possible. > </para> >- >+ > <para><indexterm> > <primary>CIFS</primary> > </indexterm> 
>@@ -444,8 +444,8 @@ > <title>Monitoring of Second Machine Activity</title> > > <step><para> >- On the machine from which network activity will be monitored (using <command>ethereal</command>), >- launch <command>ethereal</command> and click >+ On the machine from which network activity will be monitored (using <command>Wireshark</command>), >+ launch <command>Wireshark</command> and click > <menuchoice> > <guimenu>Capture</guimenu> > <guimenuitem>Start</guimenuitem> >@@ -453,7 +453,7 @@ > </para> > > <para> >- Click: >+ Click: > <orderedlist> > <listitem><para>Update list of packets in real time</para></listitem> > <listitem><para>Automatic scrolling in live capture</para></listitem> >@@ -625,12 +625,12 @@ > </para></step> > > <step><para> >- Start ethereal (or the network sniffer of your choice). >+ Start Wireshark (or the network sniffer of your choice). > </para></step> > > <step><para> > From the WINEPRESSME machine, right-click <guimenu>Network Neighborhood</guimenu>, select >- <guimenuitem>Explore</guimenuitem>, select >+ <guimenuitem>Explore</guimenuitem>, select > <menuchoice> > <guimenuitem>My Network Places</guimenuitem> > <guimenuitem>Entire Network</guimenuitem> >@@ -650,7 +650,7 @@ > <step><para> > <indexterm><primary>session setup</primary></indexterm> > From the top of the packets captured, scan down to locate the first packet that has >- interpreted as <constant>Session Setup AndX, User: anonymous; Tree Connect AndX, >+ interpreted as <constant>Session Setup AndX, User: anonymous; Tree Connect AndX, > Path: \\MILGATE98\IPC$</constant>. > </para></step> 
> >@@ -686,8 +686,8 @@ > > <para> > <indexterm><primary>IPC$</primary></indexterm> >- The <constant>IPC$</constant> share serves a vital purpose<footnote><para>TOSHARG2, Sect 4.5.1</para></footnote> >- in SMB/CIFS-based networking. A Windows client connects to this resource to obtain the list of >+ The <constant>IPC$</constant> share serves a vital purpose<footnote><para>TOSHARG2, Sect 4.5.1</para></footnote> >+ in SMB/CIFS-based networking. A Windows client connects to this resource to obtain the list of > resources that are available on the server. The server responds with the shares and print queues that > are available. In most but not all cases, the connection is made with a <constant>NULL</constant> > username and a <constant>NULL</constant> password. >@@ -780,7 +780,7 @@ > <title>Steps to Explore Windows XP Pro Connection Set-up</title> > > <step><para> >- Start your domain controller. Also, start the ethereal monitoring machine, launch ethereal, >+ Start your domain controller. Also, start the Wireshark monitoring machine, launch Wireshark, > and then wait for the next step to complete. > </para></step> > >@@ -789,8 +789,8 @@ > </para></step> > > <step><para> >- On the machine from which network activity will be monitored (using <command>ethereal</command>), >- launch <command>ethereal</command> and click >+ On the machine from which network activity will be monitored (using <command>Wireshark</command>), >+ launch <command>Wireshark</command> and click > <menuchoice> > <guimenu>Capture</guimenu> > <guimenuitem>Start</guimenuitem> >@@ -810,7 +810,7 @@ > </para></step> > > <step><para> >- On the Windows XP Professional client, press <guimenu>Ctrl-Alt-Delete</guimenu> to bring >+ On the Windows XP Professional client, press <guimenu>Ctrl-Alt-Delete</guimenu> to bring > up the domain logon screen. Log in using valid credentials for a domain user account. > </para></step> 
> >@@ -834,7 +834,7 @@ > </para></step> > > <step><para> >- Stop the capture on the <command>ethereal</command> monitoring machine. Be sure to save the captured data >+ Stop the capture on the <command>Wireshark</command> monitoring machine. Be sure to save the captured data > to a file so that you can refer to it again later. > </para></step> > >@@ -908,7 +908,7 @@ > </indexterm> > This exercise demonstrates that, while the specific protocol for the Session Setup AndX is handled > in a more sophisticated manner by recent MS Windows clients, the underlying rules or principles >- remain the same. Thus it is demonstrated that MS Windows XP Professional clients still use a >+ remain the same. Thus it is demonstrated that MS Windows XP Professional clients still use a > <constant>NULL-Session</constant> connection to query and locate resources on an advanced network > technology server (one using Windows NT4/200x or Samba). It also demonstrates that an authenticated > connection must be made before resources can be used. >@@ -932,7 +932,7 @@ > > <listitem><para> > Network browsing protocols query information stored on browse masters that manage >- information provided by NetBIOS Name Registrations and by way of ongoing host >+ information provided by NetBIOS Name Registrations and by way of ongoing host > announcements and workgroup announcements. > </para></listitem> 
> >@@ -1151,7 +1151,7 @@ > <para> > <indexterm><primary>WINS</primary></indexterm> > <indexterm><primary>NetBIOS</primary></indexterm> >- Yes, there are two ways to do this. The first involves use of WINS (See <emphasis>TOSHARG2</emphasis>, Chapter 9, >+ Yes, there are two ways to do this. The first involves use of WINS (See <emphasis>TOSHARG2</emphasis>, Chapter 9, > Section 9.5, <quote>WINS &smbmdash; The Windows Inter-networking Name Server</quote>); the > alternate method involves disabling the use of NetBIOS over TCP/IP. This second method requires > a correctly configured DNS server (see <emphasis>TOSHARG2</emphasis>, Chapter 9, Section 9.3, <quote>Discussion</quote>). >@@ -1161,9 +1161,9 @@ > <indexterm><primary>broadcast</primary></indexterm> > <indexterm><primary>NetBIOS</primary><secondary>Node Type</secondary></indexterm> > <indexterm><primary>Hybrid</primary></indexterm> >- The use of WINS reduces network broadcast traffic. The reduction is greatest when all network >- clients are configured to operate in <parameter>Hybrid Mode</parameter>. This can be effected through >- use of DHCP to set the NetBIOS node type to type 8 for all network clients. Additionally, it is >+ The use of WINS reduces network broadcast traffic. The reduction is greatest when all network >+ clients are configured to operate in <parameter>Hybrid Mode</parameter>. This can be effected through >+ use of DHCP to set the NetBIOS node type to type 8 for all network clients. Additionally, it is > beneficial to configure Samba to use <smbconfoption name="name resolve order">wins host cast</smbconfoption>. > </para> 
> >@@ -1201,11 +1201,11 @@ > disabling this. When network connections are dropped by the client, it is not possible to re-establish > the connection automatically. Users need to log off and then log on again. Plain-text password support > may interfere with recent enhancements that are part of the Microsoft move toward a more secure computing >- environment. >+ environment. > </para> > > <para> >- Samba-3 supports Microsoft encrypted passwords. Be advised not to reintroduce plain-text password handling. >+ Samba-3 supports Microsoft encrypted passwords. Be advised not to reintroduce plain-text password handling. > Just create user accounts by running <command>smbpasswd -a 'username'</command> > </para> > >Index: SBE-glossary.xml >=================================================================== >--- SBE-glossary.xml (revision 1146) >+++ SBE-glossary.xml (working copy) >@@ -53,7 +53,7 @@ > <glossterm>Domain Master Browser</glossterm> > <acronym>DMB</acronym> > <glossdef><para> >- The Domain Master Browser maintains a list of all the servers that >+ The Domain Master Browser maintains a list of all the servers that > have announced their services within a given workgroup or NT domain. > </para></glossdef> > </glossentry> >@@ -81,16 +81,6 @@ > </glossentry> > > <glossentry> >- <glossterm>Ethereal</glossterm> >- <acronym>ethereal</acronym> >- <glossdef><para> >- A network analyzer, also known as a network sniffer or a protocol analyzer. Ethereal is >- freely available for UNIX/Linux and Microsoft Windows systems from >- <ulink url="http://www.ethereal.com">the Ethereal Web site</ulink>. >- </para></glossdef> >- </glossentry> >- >- <glossentry> > <glossterm>Group IDentifier</glossterm> > <acronym>GID</acronym> > <glossdef><para> 
>@@ -130,10 +120,10 @@ > outweigh any need to add, delete, or modify records. LDAP does > provide a means for replication of the database to keep slave > servers up to date with a master. It also has built-in capability to >- handle external references and deferral. >+ handle external references and deferral. > </para></glossdef> > </glossentry> >- >+ > <glossentry> > <glossterm>Local Master Browser</glossterm> > <acronym>LMB</acronym> >@@ -177,7 +167,7 @@ > <glossterm>Network Basic Input/Output System</glossterm> > <acronym>NetBIOS</acronym> > <glossdef><para> >- NetBIOS is a simple application programming interface (API) invented in the 1980s >+ NetBIOS is a simple application programming interface (API) invented in the 1980s > that allows programs to send data to certain network names. NetBIOS is always run over > another network protocol such as IPX/SPX, TCP/IP, or Logical Link Control (LLC). > NetBIOS run over LLC is best known as NetBEUI (the NetBIOS Extended User Interface >@@ -189,11 +179,11 @@ > <glossterm>NetBT</glossterm> > <acronym>NBT</acronym> > <glossdef><para> >- Protocol for transporting NetBIOS frames over TCP/IP. Uses ports 137, 138, and 139. >+ Protocol for transporting NetBIOS frames over TCP/IP. Uses ports 137, 138, and 139. > NetBT is a fully routable protocol. > </para></glossdef> > </glossentry> >- >+ > <glossentry> > <glossterm>NT/LanManager Security Support Provider</glossterm> > <acronym>NTLMSSP</acronym> >@@ -210,7 +200,7 @@ > <acronym>SMB</acronym> > <glossdef><para> > SMB was the original name of the protocol spoken by Samba. It was invented in the 1980s >- by IBM and adopted and extended further by Microsoft. Microsoft renamed the protocol to >+ by IBM and adopted and extended further by Microsoft. Microsoft renamed the protocol to > CIFS during the Internet hype in the 1990s. > </para></glossdef> > </glossentry> 
>@@ -255,4 +245,14 @@ > </para></glossdef> > </glossentry> > >+ <glossentry> >+ <glossterm>Wireshark</glossterm> >+ <acronym>wireshark</acronym> >+ <glossdef><para> >+ A network analyzer, also known as a network sniffer or a protocol analyzer. Formerly known as Ethereal, Wireshark is >+ freely available for UNIX/Linux and Microsoft Windows systems from >+ <ulink url="http://www.wireshark.org">the Wireshark Web site</ulink>. >+ </para></glossdef> >+ </glossentry> >+ > </glossary>
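Review bot: In SBE-Appendix2.xml hunk @@ -24,33 +24,33 @@, the replacement "To obtain <command>Wireshark</command> for your system" puts the capitalised product name inside <command> markup, where the removed line had the lowercase <command>ethereal</command>. The executable is named wireshark in lowercase, and on UNIX/Linux a reader who types the capitalised form will not find it. Either use <command>wireshark</command> where the program to run is meant, or drop the <command> markup where the product is meant. The same substitution recurs in hunks @@ -182,12 @@, @@ -231,8 @@, @@ -444,8 @@, @@ -789,8 @@ and @@ -834,7 @@. This hunk also adds <primary>Wireshark</primary> while hunk @@ -182,12 @@ adds <primary>wireshark</primary>, so the index will carry two differently cased entries unless one spelling is chosen.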
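Review bot: In SBE-Appendix2.xml hunk @@ -212,7 +212,7 @@, the context line <indexterm><primary>ethereal</primary></indexterm> is left untouched, so the paragraph that now tells readers to use Wireshark is indexed only under the old name. Add a wireshark index term beside it (keeping the ethereal one is reasonable, since the captures were made with Ethereal 0.10.6). The inserted parenthetical "(i.e. you should be using Wireshark)" also reads as an aside dropped into the middle of the sentence; something like "A later version (now released as Wireshark) suffices without problems" states the same thing more cleanly.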
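Review bot: Several hunks carry no rename at all: in @@ -94,8 +94,8 @@, @@ -419,7 +419,7 @@, @@ -686,8 +686,8 @@, @@ -908,7 +908,7 @@, @@ -932,7 +932,7 @@, @@ -1151,7 +1151,7 @@, @@ -1161,9 +1161,9 @@ and @@ -1201,11 +1201,11 @@ of SBE-Appendix2.xml, and in @@ -53,7 +53,7 @@, @@ -130,10 +120,10 @@, @@ -167,7 +167,7 @@, @@ -179,11 +179,11 @@ and @@ -200,7 +200,7 @@ of SBE-glossary.xml, the removed and added lines read identically, which points to whitespace-only changes (trailing spaces or spacing after full stops). They make up a large share of the patch and hide the actual Ethereal to Wireshark edits. Please split the whitespace cleanup into its own patch, or regenerate this one with the editor's whitespace stripping turned off, so the rename can be reviewed on its own.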
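Review bot: In SBE-glossary.xml hunk @@ -81,16 +81,6 @@, the Ethereal glossentry is deleted outright, yet the patched appendix still names Ethereal ("Wireshark (formerly Ethereal)" and the CD-ROM captures "captured using <constant>Ethereal</constant> version <literal>0.10.6</literal>"). A reader who looks the old name up in the glossary will find nothing. Keep a short Ethereal entry that points to the Wireshark one instead of removing it.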
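Review bot: In SBE-glossary.xml hunk @@ -255,4 +245,14 @@, the new entry carries <acronym>wireshark</acronym>, which is not an acronym; it is the lowercase program name copied across from the pattern of the old Ethereal entry. Since the entry is being rewritten anyway, drop the <acronym> element here, or mention the lowercase executable name in the definition text, so the glossary does not present it alongside real acronyms such as DMB, GID and NBT.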