| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 30 15:17:33 2006 From: libove-fulldisc at felines.org (Jay Libove) Subject: Re: Strange interactions between tunnelling and SMB under the proprietary Microsoft Windows environment The original poster mentioned NetBEUI. If the legacy NetBEUI protocol is really installed on the system, certain Microsoft sharing attempts would be expected to bypass IP (and therefore all IP VPNs) entirely. Right? -Jay |Date: Thu, 30 Mar 2006 07:52:10 +0200 |From: schaefer@...hanet.ch (Marc SCHAEFER) |Subject: [Full-disclosure] Strange interactions between tunnelling and | SMB under the proprietary Microsoft Windows environment |To: full-disclosure@...ts.grok.org.uk |Message-ID: <20060330055210.GA8941@...hanet.ch> |Content-Type: text/plain; charset=us-ascii | |Hi, | |first, a disclaimer: I don't really need the proprietary Microsoft |Windows environment for my work. It happens that, for interoperability's |sake, I sometimes install free (libre) software on this proprietary |environment on customer systems. It's always quite painful, has strange |implications, and is always quite difficult to debug. But well, some |people apparently still need it. | |After that, the issue I saw, which I currently cannot understand: | | I installed the libre software OpenVPN including the TAP driver on | the proprietary Microsoft Windows environment. I did set up a | encrypted tunnel between two machines on the same Ethernet subnet | (this is probably important). | | Testing pings and telnet on the remote tunnel address (e.g. | 192.168.1.2) and capturing data with the libre software Ethereal on the | real Ethernet interface did show me that the flow of data was | correctly routed through the tunnel. | | However, accessing \\192.168.1.2\c$ did go through the Ethernet | interface, and *not the tunnel*, and strangely half-using the private | addresses! | | I wonder if there is some NetBEUI/NetBIOS/whatever interaction which | kind-of `resolves' the private IP address as a host name. Thus | probably as long as noone replies NetBEUI/NetBIOS it should work ... | but could be exploitable, isn't it ? | | The obvious solution could be to completely disable this resolution, | or maybe use a real DNS name for the private addresses of the tunnel. | | After all NetBEUI/NetBIOS predates the standard IP networking support | in the proprietary Microsoft Windows environment and could be considered | obsolete today (if using a WINS server or DNS resolution). But it is | still activated by default. | | Looking at the routing tables through NETSTAT.EXE is ... well ... | strange. No interface, strange routes, it's a bit difficult to really | understand how routing works on this proprietary plateform. | |Has someone also experienced this, or was it some strange local pecularity ?
Powered by blists - more mailing lists