Windows 7真的支持SMB核心协议吗?
我已经开始为基于 Z80 的旧机器开发 SMB 服务器。这台机器运行一个非常简单的、类似MS-DOS的操作系统(没有多任务,没有用户概念,只有FAT文件系统,没有unicode,只有8.3文件名)并且内存有限,因此我的第一个想法是只实现SMB核心协议。我将使用 TCP 传输。
就目前而言,我只有一个非常短的测试代码,它仅回复 SMB_COM_NEGOTIATE 命令,表明核心协议(“PC NETWORK PROGRAM 1.0”)是所需的方言。为了测试它,我尝试从 Windows 7 计算机进行连接,方法是打开资源管理器窗口并在地址栏中键入 "\\。我已使用 Wireshark 验证服务器收到协商命令并发送(显然)正确的响应。
问题:Windows 客户端收到响应后,立即显示一条通用的“无法访问资源”错误消息(错误代码为 0x80004005),然后什么也没有发生(不再发送 SMB 消息) )。我期待收到 SMB_COM_TREE_CONNECT 或类似的命令。
我当时想,也许Windows 7不支持核心协议(它很旧,而且缺乏任何安全功能),但是,为什么它会在协商请求中列出核心方言名称呢?也许我错过了一些步骤?服务器必须在协商响应后发送任何额外的数据包吗?
客户端操作系统是 Windows 7 Ultimate 64 位,以下是请求和响应的 Wireshark 转储,以防任何人在过程中发现任何错误:
请求:
响应:
更新:如果我选择 NT LM 0.12 方言而不是核心方言,我会收到来自客户端的 SESSION_SETUP_AND_REQUESTX 命令。显然,Windows 7 确实不支持核心协议。无论如何,任何额外的信息将不胜感激。
I have started the development of a SMB server for an old Z80 based machine. This machine runs a very simple, MS-DOS like operating system (no multitask, no concept of users, FAT filesystem only, no unicode, 8.3 filenames only) and has limited memory, therefore my first idea is to implement just the SMB core protocol. I will use TCP transport.
As for now, I have just a very short testing code that just replies to the SMB_COM_NEGOTIATE command, indicating that the core protocol ("PC NETWORK PROGRAM 1.0") is the desired dialect. In order to test it, I try to connect from a Windows 7 machine, by opening a explorer window and typing "\\<server IP>" in the address bar. I have verified with Wireshark that the server receives the negotiate command and sends an (apparently) correct response.
The problem: as soon as the Windows client receives the response, it shows a generic "Can't access resource" error message (with error code 0x80004005) and then nothing happens (no further SMB messages are sent). I was expecting to receive SMB_COM_TREE_CONNECT or a similar command.
I was thinking that maybe Windows 7 does not support the core protocol (it is very old and it lacks any security feature whatsoever), but then, why does it list the core dialect name in the negotiate request? Maybe I am missing some step? Must the server send any additional packet after the negotiate response?
The client OS is Windows 7 Ultimate 64 bits, and here are the Wireshark dumps of both the request and the response in case anyone can spot anything wrong in the process:
The request:
The response:
UPDATE: If I select the NT LM 0.12 dialect instead of the core dialect, I receive a SESSION_SETUP_AND_REQUESTX command from the client. So apparently it seems that indeed, the core protocol is not supported by Windows 7. Anyway, any extra information will be appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我相信 Windows 7 确实支持核心协议。根据 此处。
根据 Windows 7 连接到 Samba 服务器的问题,我认为指定核心协议的问题是由于 Windows 7 计算机上的 LANMAN 工作站/客户端设置造成的。
建议的更改是
网络安全:LAN Manager身份验证级别发送LM&amp; NTLM 响应【HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa \【LmCompatibilityLevel】值更改为0,按照此处将以下参数添加到注册表中的 LanmanWorkStation 和 NetLogon
HKLM\System\CCS\Services\LanmanWorkstation\ParametersDWORD 域兼容性模式 = 1DWORD DNSNameResolutionRequired = 0HKLM\System\CCS\Services\Netlogon\ParametersDWORD RequireSignOnSeal = 0DWORD RequireStrongKey = 0此处列出了通过注册表和安全策略对这些设置可能进行的更改此处
这些更改应确保 LanmanWorkstation 不使用 NTLMv2 会话安全性。
I believe Windows 7 does support the Core Protocol. It downgrades to SMB 1.0 when connecting to older servers as per here.
Based on the issues that Windows 7 has with connecting to Samba servers, I believe the issue with the specifying the core protocol is due the LANMAN workstation / client settings on the Windows 7 machine.
Recommended changes would be
Network security: LAN Manager authentication level Send LM & NTLM responses【HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa \【LmCompatibilityLevel 】value of the registry key to 0 as per hereAdding the following parameters to LanmanWorkStation and NetLogon in the registry
HKLM\System\CCS\Services\LanmanWorkstation\ParametersDWORD DomainCompatibilityMode = 1DWORD DNSNameResolutionRequired = 0HKLM\System\CCS\Services\Netlogon\ParametersDWORD RequireSignOnSeal = 0DWORD RequireStrongKey = 0Possible changes to these settings both via registry and via security policy are listed here
These changes should ensure LanmanWorkstation doesn't use NTLMv2 session security.
此信息与@Appleman1234 提供的基本相同(谢谢!),只是更容易应用一点。
.bat文件中,它将导出到您的C:驱动器,我们准备修改的 3 个注册表项。.reg文件中并将其导入到您的注册表中。This info is basically the same as @Appleman1234 provided (thanks!), just a bit easier to apply.
.batfile and it will export to yourC:drive the 3 reg keys we are getting ready to modify..regfile and import it to your registry.