On Sunday 28 November 2004 01:04, Kai Hauser wrote:
does the firewall logs droped packets? hint: tail -f /var/log/messages
Not really, I found: Nov 28 13:22:35 tcn nmbd[4389]: [2004/11/28 13:22:35, 0] nmbd/nmbd_namequery.c:query_name_response(101) Nov 28 13:22:35 tcn nmbd[4389]: query_name_response: Multiple (2) responses received for a query on subnet 192.168.0.2 for name HOME<1d>. Nov 28 13:22:35 tcn nmbd[4389]: This response was from IP 192.168.0.3, reporting an IP address of 192.168.0.3. Nov 28 13:22:42 tcn SuSEfirewall2: Warning: FW_ALLOW_INCOMING_HIGHPORTS_UDP=DNS no longer supported Nov 28 13:22:42 tcn SuSEfirewall2: Firewall rules successfully set from /etc/sysconfig/SuSEfirewall2 but could not reproduce it. 192.168.0.3 is the Windows machine.
nmap -p 139,145 <ip> and
Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-11-28 13:32 CET Interesting ports on tcn.local (192.168.0.2): PORT STATE SERVICE 139/tcp open netbios-ssn 445/tcp open microsoft-ds
nmap -sU -p 137,138 <ip>
Starting nmap 3.48 ( http://www.insecure.org/nmap/ ) at 2004-11-28 13:33 CET Interesting ports on 192.168.0.3: PORT STATE SERVICE 137/udp open netbios-ns 138/udp open netbios-dgm
smbclient -L <ip> shows shares
Password: Domain=[HOME] OS=[Unix] Server=[Samba 3.0.7-5.2-SUSE] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (tcn) ADMIN$ IPC IPC Service (tcn) Domain=[HOME] OS=[Unix] Server=[Samba 3.0.7-5.2-SUSE] Server Comment --------- ------- TCN tcn Workgroup Master --------- ------- HOME For the Windows machine I get: session request to 192.168.0.3 failed (Called name not present) session request to 192 failed (Called name not present) ?
nmbclient -A <ip> shows netbiosnames
Hmm, seems I don't have nmbclient...
but 192.168.0.255 is a strange IP for a router.
You are right, it's 192.168.0.1 :-)
Type ipconfig in windows commandprompt to see what settings the windowsbox got from dhcp.
192.168.0.3