Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 207695 - net-analyzer/nbtscan-1.5.1-r1 should set NetBIOS broadcast flag to "unicast"
Summary: net-analyzer/nbtscan-1.5.1-r1 should set NetBIOS broadcast flag to "unicast"
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Netmon project
URL:
Whiteboard:
Keywords: PATCH
Depends on:
Blocks:
 
Reported: 2008-01-27 15:29 UTC by adam
Modified: 2022-02-03 10:10 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
The patch in proper patch format (nbtscan-statusq.h.patch,364 bytes, patch)
2008-01-29 10:11 UTC, adam 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description adam 2008-01-27 15:29:36 UTC 
Nbtscan has an incorrect flag setting, meaning the program works differently than intended to, when compared to its windows version equivalent.
Please see below for patch that corrects the setting to its intended value.

Reproducible: Always

Steps to Reproduce:
1. ./nbtscan 192.168.1.1/24

Actual Results:  
nbtscan 192.168.1.1/24
>> Doing NBT name scan for addresses from 192.168.1.1/24
>>
>> IP address       NetBIOS Name     Server    User             MAC address
>> ---------------------------------------------------------------------------
>> --- 192.168.1.0     Sendto failed: Permission denied
>> 192.168.1.2      DHARMA           <server>  DHARMA
>> 00-00-00-00-00-00
>> 192.168.1.17     BIGCAKE          <server>  BIGCAKE
>> 00-00-00-00-00-00
>> 192.168.1.176    ANTIMATTER       <server>  ANTIMATTER
>> 00-00-00-00-00-00
>> 192.168.1.158    LEMON            <server>  <unknown>
>> 00-0c-29-f3-34-31
>> 192.168.1.192    HELLFIRE2        <server>  <unknown>
>> 00-0c-29-8e-06-fe
>> 192.168.1.175    SUPERMAN         <server>  <unknown>
>> 00-ae-24-41-f2-3a

Expected Results:  
$ ./nbtscan 192.168.1.1/24
>> Doing NBT name scan for addresses from 192.168.1.1/24
>>
>> IP address       NetBIOS Name     Server    User             MAC address
>> ---------------------------------------------------------------------------
>> --- 192.168.1.0     Sendto failed: Permission denied
>> 192.168.1.2      DHARMA           <server>  DHARMA
>> 00-00-00-00-00-00
>> 192.168.1.17     BIGCAKE          <server>  BIGCAKE
>> 00-00-00-00-00-00
>> 192.168.1.163    CORVIS           <server>  <unknown>
>> 00-15-99-3d-df-57
>> 192.168.1.158    LEMON            <server>  <unknown>
>> 00-0c-29-f3-34-31
>> 192.168.1.176    ANTIMATTER       <server>  ANTIMATTER
>> 00-00-00-00-00-00
>> 192.168.1.175    SUPERMAN         <server>  <unknown>
>> 00-ae-24-41-f2-3a
>> 192.168.1.188    DIMEBAR          <server>  <unknown>
>> 00-0f-1f-28-b1-6a
>> 192.168.1.192    HELLFIRE2        <server>  <unknown>
>> 00-0c-29-8e-06-fe

The following patch corrects the incorrect flag setting:

$ diff nbtscan-1.5.1-r1/statusq.h nbtscan-1.5.1-test/statusq.h
17c17
< #define       FL_BROADCAST            0x0010
---
> > #define       FL_BROADCAST            0x0000
Comment 1 adam 2008-01-29 10:11:48 UTC 
Created attachment 142093 [details, diff]
The patch in proper patch format
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2009-05-26 04:04:14 UTC 
Could you please describe in more detail what the problem is and how your patch fixes it?
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2014-07-14 13:02:20 UTC 
According to RFC 1002, it looks like you're setting the Broadcast Flag to unicast instead of broadcast/multicast. And comparing the output of your nbtscan calls, you gain two listed servers with the patch applied. What would be interesting to find out is why these servers don't respond when the broadcast/multicast flag is set.
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-02-03 10:10:07 UTC 
If this is still applicable, please forward it to (the new) upstream: https://github.com/resurrecting-open-source-projects/nbtscan.