Server Message Block

From Wikipedia, the free encyclopedia

Server Message Block (SMB) is an application-level network protocol mainly applied to shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated Inter-process communication mechanism. It is mainly used by Microsoft Windows equipped computers, where it's known simply as "Microsoft Windows Network".


History

SMB was originally invented by Barry Feigenbaum at IBM to turn DOS "Interrupt 33" local file access into a networked file system, but the most common version is modified heavily by Microsoft. Microsoft merged the SMB protocol with the LAN Manager product they had been developing with 3Com, and continued to add features to the protocol in Windows for Workgroups and later versions of Windows.

SMB was originally designed to run on top of the NetBIOS protocol (which itself typically runs on NetBEUI, IPX/SPX or TCP/IP (NetBIOS over TCP/IP)), though SMB can also run on top of TCP/IP directly, a feature introduced with Windows 2000. "SMB the protocol" is not to be confused with the SMB services that run on it, nor with NetBIOS, nor with the DCE/RPC services that use SMB as an authenticated Inter-process communication channel (over named pipes), nor with the "Network Neighborhood" protocols, which primarily but not exclusively run as datagram services directly on the NetBIOS transport.

At around the time when Sun Microsystems announced WebNFS [1], Microsoft launched an initiative in 1996 to rename SMB to Common Internet File System (CIFS)[1], and added more features, including support for symbolic links, hard links, larger file sizes and an attempt at supporting direct connection without all the NetBIOS trimmings — an effort that was largely experimental and required further refinement. Microsoft submitted some partial specifications as Informational RFCs to the IETF[2], though this submission has expired.

Because of the importance of the SMB protocol in interacting with the dominant Microsoft Windows platform, coupled with the heavily modified nature of the SMB implementation present in that platform, the Samba project was created to reverse engineer and provide a free implementation of a compatible SMB client and server for use with non-Microsoft operating systems.

It was reported on April 4, 2007 that Microsoft, IBM, and Novell were working with web developers and application developers on new identity management options for SMBs. They want to create a technology called Information Cards. It will provide a standardised "metasystem" so that different identity systems can work together and establish a user-friendly way of creating and using digital identities.[3]

Implementation

Client-server approach

SMB works through a client-server approach, where a client makes specific requests and the server responds accordingly. One section of the SMB protocol is specifically for filesystem access, such that clients may make requests to a file server, but there are other sections of the SMB protocol that specialise in inter-process communication — IPC. The SMB protocol was optimized for local subnet usage, but one could use it to access different subnets across the Internet — on which MS Windows file-and-print sharing exploits usually focus.

SMB servers make their file systems and other resources available to clients on the network. Client computers may have their own hard disks, which are not publicly shared, yet also want access to the shared file systems and printers on the server, and it is for this primary purpose that SMB is best known and most heavily used. However, the SMB file server aspect would be of little use were it not for the NT Domains suite of protocols, which provide NT-style Domain-based authentication at the very least. The NT Domains protocols are MSRPC services that are almost exclusively available on SMB IPC "named pipes", and almost all implementations of SMB servers use NT Domain authentication to validate user access to resources.
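To make the request/response exchange above concrete, here is a small dissector written for this article (it is an added example, not code from the article, from Samba, or from Microsoft). It strips the 4-byte NetBIOS session-service framing that carries SMB both over NetBIOS on TCP/139 and, with the direct TCP hosting mentioned earlier, on TCP/445, then decodes the fixed header of an SMB1 message; SMB2, which shares the same framing, is handled as well so the parser is useful on mixed traffic. The two sample messages are constructed by hand for this example, not captured traffic, the session and tree identifiers in them are arbitrary, and the command and flag tables cover only the values a reader is most likely to meet; the field layout follows Microsoft's MS-CIFS and MS-SMB2 specifications. From a defender's point of view the interesting fields are the tree (TID) and user/session identifiers, which are what the inherited authentication described in the text is keyed on, and the signing flag, which is what stops those identifiers from being replayed.

```python
import struct

# Constructed sample messages for this example (not captured traffic).
# Both carry the 4-byte session-service framing: type byte, 24-bit big-endian length.
SMB1_NEGOTIATE = bytes.fromhex(
    "00000023"              # session message (0x00), length 35
    "ff534d42"              # protocol id: 0xFF 'S' 'M' 'B'
    "72"                    # command: SMB_COM_NEGOTIATE
    "00000000"              # status
    "18"                    # flags: case-insensitive, canonicalized paths
    "01c8"                  # flags2, little-endian 0xC801
    "0000"                  # PIDHigh
    "0000000000000000"      # SecurityFeatures (holds the signature when signing is on)
    "0000"                  # reserved
    "ffff"                  # TID (0xFFFF: no tree connected yet)
    "feff"                  # PIDLow
    "0000"                  # UID (no authenticated user yet)
    "4000"                  # MID
    "000000"                # body: WordCount=0, ByteCount=0
)
SMB2_READ = bytes.fromhex(
    "00000040"              # session message, length 64 (header only, body omitted)
    "fe534d42"              # protocol id: 0xFE 'S' 'M' 'B'
    "4000"                  # StructureSize = 64
    "0100"                  # CreditCharge
    "00000000"              # Status / ChannelSequence
    "0800"                  # command: READ
    "0100"                  # CreditRequest
    "08000000"              # flags: SMB2_FLAGS_SIGNED
    "00000000"              # NextCommand
    "0500000000000000"      # MessageId = 5
    "00000000"              # reserved (synchronous header)
    "01000000"              # TreeId = 1
    "1122334455667788"      # SessionId (arbitrary constructed value)
    + "00" * 16             # signature (zeroed in this sample)
)

SMB1_COMMANDS = {0x04: "CLOSE", 0x25: "TRANSACTION", 0x2e: "READ_ANDX", 0x2f: "WRITE_ANDX",
                 0x71: "TREE_DISCONNECT", 0x72: "NEGOTIATE", 0x73: "SESSION_SETUP_ANDX",
                 0x74: "LOGOFF_ANDX", 0x75: "TREE_CONNECT_ANDX", 0xa2: "NT_CREATE_ANDX"}
SMB2_COMMANDS = {0x00: "NEGOTIATE", 0x01: "SESSION_SETUP", 0x02: "LOGOFF", 0x03: "TREE_CONNECT",
                 0x04: "TREE_DISCONNECT", 0x05: "CREATE", 0x06: "CLOSE", 0x08: "READ",
                 0x09: "WRITE", 0x0b: "IOCTL", 0x0e: "QUERY_DIRECTORY", 0x10: "QUERY_INFO"}
SMB1_FLAGS2 = {0x0001: "LONG_NAMES", 0x0002: "EAS", 0x0004: "SECURITY_SIGNATURE",
               0x0800: "EXTENDED_SECURITY", 0x1000: "DFS", 0x4000: "NT_STATUS", 0x8000: "UNICODE"}


def parse_smb(msg: bytes) -> dict:
    """Strip the session-service framing and decode the SMB1 or SMB2 fixed header."""
    if len(msg) < 4:
        raise ValueError("too short for session-service framing")
    if msg[0] != 0x00:
        raise ValueError(f"not a session message (type 0x{msg[0]:02x})")
    # Direct TCP hosting uses a 24-bit length; RFC 1002 framing agrees for type 0x00.
    length = int.from_bytes(msg[1:4], "big")
    payload = msg[4:4 + length]
    if len(payload) != length:
        raise ValueError(f"truncated: framing says {length} bytes, got {len(payload)}")
    magic = payload[:4]
    if magic == b"\xffSMB":
        return _parse_smb1(payload)
    if magic == b"\xfeSMB":
        return _parse_smb2(payload)
    raise ValueError(f"unknown protocol id {magic!r}")


def _parse_smb1(p: bytes) -> dict:
    if len(p) < 32:
        raise ValueError("SMB1 header truncated")
    (_, cmd, status, _flags, flags2, pid_high, _sig, _res,
     tid, pid_low, uid, mid) = struct.unpack("<4sBIBHH8sHHHHH", p[:32])
    return {
        "version": "SMB1",
        "command": SMB1_COMMANDS.get(cmd, f"0x{cmd:02x}"),
        "status": status,
        "flags2": {name for bit, name in SMB1_FLAGS2.items() if flags2 & bit},
        "signed": bool(flags2 & 0x0004),      # SMB_FLAGS2_SMB_SECURITY_SIGNATURE
        "pid": (pid_high << 16) | pid_low,
        "tid": tid, "uid": uid, "mid": mid,
        "body_len": len(p) - 32,
    }


def _parse_smb2(p: bytes) -> dict:
    if len(p) < 64:
        raise ValueError("SMB2 header truncated")
    (_, size, _charge, status, cmd, _credits, flags, _next, msg_id,
     _res, tid, sid, sig) = struct.unpack("<4sHHIHHIIQIIQ16s", p[:64])
    if size != 64:
        raise ValueError(f"unexpected SMB2 StructureSize {size}")
    return {
        "version": "SMB2",
        "command": SMB2_COMMANDS.get(cmd, f"0x{cmd:04x}"),
        "status": status,
        "signed": bool(flags & 0x00000008),   # SMB2_FLAGS_SIGNED
        "response": bool(flags & 0x00000001), # SMB2_FLAGS_SERVER_TO_REDIR
        "message_id": msg_id, "tree_id": tid, "session_id": sid,
        "signature": sig,
        "body_len": len(p) - 64,
    }


if __name__ == "__main__":
    for sample in (SMB1_NEGOTIATE, SMB2_READ):
        print(parse_smb(sample))
```

The parser deliberately refuses a message whose framing length disagrees with the bytes actually present rather than decoding what it can; on a real socket the 4-byte framing is what tells a reader where one message ends and the next begins, so a length mismatch is a sign of a truncated read or a malformed peer, not something to paper over.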

Performance issues

It is often believed that the SMB protocol makes heavy use of network bandwidth because each client broadcasts its presence to the whole subnet. SMB itself does not use broadcasts. The broadcast problems commonly associated with SMB are actually caused by the NetBIOS service location protocol. By default, a Microsoft Windows server will use NetBIOS to advertise and locate services. NetBIOS functions by broadcasting the services available on a particular host at regular intervals. While this is usually an acceptable default for a network with fewer than 20 hosts, broadcast traffic will cause problems as the number of hosts increases. This problem can be mitigated by a proper implementation of the Windows Internet Naming Service (WINS) service location protocol. WINS uses a much more advanced system of registration and centralized service requests, but imposes its own complexity upon the design and maintenance of the network. Dynamic DNS is also a viable option and the Microsoft-recommended method in Microsoft's Active Directory environment.

Network latency should be expected to have a significant impact on the performance of the protocol. This is most often observed while navigating among folders through SMB when there is significant network latency between the hosts. For example, a VPN connection over the Internet will often introduce network latency, which can make for a frustrating experience.

Microsoft's modifications

Microsoft has added several extensions to its own SMB implementation. For example, NTLM Version 2 was added because NTLM version 1 (which is derived from the original legacy SMB specification's requirement to use IBM "LanManager" passwords) uses DES in a flawed manner. Additionally, the NT 4.0 Domain Logon protocols use 40-bit encryption outside of the United States, which is insecure by modern standards.

Points of interest

SMB's "Inter-Process Communication" mechanism deserves a specific mention. Over the SMB "IPC" system, named pipes are provided. SMB's IPC mechanism is one of the first few inter-process mechanisms commonly available to programmers that provides a means for services to inherit the authentication that was carried out when a client first connects to an SMB server. Named-pipe inherited authentication is so ubiquitous and transparent that it is often simply taken for granted by programmers using the Windows API and Windows users alike.

Bizarrely, though, some services that operate over named pipes, such as those which use Microsoft's own implementation of DCE/RPC over SMB, known as MSRPC over SMB, also allow MSRPC client programs to perform their own authentication, which overrides the authorization provided by the SMB server, but only in the context of the MSRPC client program that successfully makes the additional authentication.

SMB is also used as the basis for Microsoft's Distributed File System implementation.

Alternative versions and implementations

The list below uses "SMB" to include an SMB client or an SMB server, plus the various protocols that make SMB useful, such as the Network Neighborhood suite of protocols and the NT Domains suite. For simplicity and conciseness, however, the extent or completeness of the reimplementation or porting status is not stated for any of these implementations; they are all "lumped" together and referred to simply as "SMB".

  • Samba is a free reimplementation of the SMB protocol and the Microsoft extensions to it; it includes an SMB server and a command-line SMB client.
  • Samba TNG is a fork of Samba.
  • Linux includes two SMB client implementations that use its VFS, providing access to files on an SMB server through the standard file system API: smbfs and cifs.
  • ONStor Inc. has their own SMB implementation that also supports NFS protocol so the same data can be accessed through both protocols.
  • Novell NetWare version 6 and newer has CIFS server implementation providing access to NetWare volumes for Microsoft Network clients.
  • FreeBSD, NetBSD, and Mac OS X include SMB client implementations that use their VFSes, all called smbfs.
  • FreeNAS is a dedicated, small-sized OS for Network-attached storage (NAS) services, intended to let people re-use old computers as file servers. CIFS/Samba is among the supported protocols.
  • Advanced Server for Unix — AS/U is a port of Windows NT 3.51's SMB server code to Unix, which was licensed to AT&T, who then licensed it to major Unix vendors. The quality of the original port, believed to have been carried out by Microsoft itself, is very poor, and has caused any vendor sub-licensing it significant grief.
  • Sun Microsystems Cascade which became known as PC-Netlink is a port of Advanced Server for Unix. Sun took over two years making the code useful, due to the poor quality of the original port.
  • VERITAS Software has an implementation of SMB.
  • SCO has a port of Advanced Server for Unix.
  • SCO also has VisionFS, a Microsoft-independent reimplementation of SMB, developed through reference to Samba source code.[citation needed]
  • Network Appliance has an SMB server implementation.
  • Objective Development's Sharity is an SMB file system client for Unix.
  • http://jcifs.samba.org has an implementation of SMB in Java.
  • EBS's RTSMB is a portable and highly configurable CIFS/SMB implementation written in ANSI C. RTSMB is designed from scratch, independently of MS or SAMBA design reference, to run in embedded devices.
  • Visuality Systems NQ CIFS is a complete commercial, highly portable CIFS (SMB) Server and Client solution for embedded devices. It has been ported to many popular RTOSes.
  • Thursby Software Systems has a commercial implementation of SMB/CIFS for Mac OS.
