[ipv6hackers] Scanning for IPv6 addresses embedding TCP/UDP service ports

Fabian Wenk fabian at wenks.ch
Sun Mar 17 23:00:41 CET 2013


Hello Jim

On 17.03.2013 21:44, Jim Small wrote:
> So the real question is, just because Samba binds the NetBIOS
> Session Service to an IPv6 socket, does it actually work?  A

It does work!

I think that on TCP/445 this is direct SMB over TCP and does not 
need NetBIOS any more, so this is probably why it is working.

I tried only from the same host, as I did not had a useful 
version of smbclient available somewhere else in my LAN. Finder 
from Mac OS X could not connect to the IPv6 hostname.


 From the client side:

fabian at superman:~ $ host superman.ip6
superman.ip6.wenks.ch has IPv6 address 2001:8a8:1005:2::180
superman.ip6.wenks.ch has IPv6 address 2001:8a8:1005:1::3
fabian at superman:~ $ smbclient //superman.ip6/download -U fabian
Enter fabian's password:
Domain=[WENKS] OS=[Unix] Server=[Samba 3.6.12]
smb: \>


And on the server:

root at superman:~ # smbstatus
WARNING: No path in service IPC$ - making it unavailable!

Samba version 3.6.12
PID     Username      Group         Machine
-----------------------------------------------------------------
26621    fabian      fabian      superman    (2001:8a8:1005:1::3)

Service      pid     machine       Connected at
-------------------------------------------------------
download     26621   superman      Sun Mar 17 22:19:04 2013

No locked files

root at superman:~ #


And netstat on the server (output a little bit squeezed to 
hopefully avoid line wrap):

root at superman:~ # netstat -an | egrep "139|445"
tcp6 0 0 2001:8a8:1005:1:.445  2001:8a8:1005:1:.54734 ESTABLISHED
tcp6 0 0 2001:8a8:1005:1:.54734 2001:8a8:1005:1:.445  ESTABLISHED
tcp4 0 0 *.139                  *.*                   LISTEN
tcp4 0 0 *.445                  *.*                   LISTEN
tcp6 0 0 *.139                  *.*                   LISTEN
tcp6 0 0 *.445                  *.*                   LISTEN
root at superman:~ #


I just got the below output from a friend from his Windows Server 
2008R2 (which also has IPv6). He could force the connect to IPv6 
with (output anonymized):

net use b: \\2002-xxxx-xxxx-xxx--xxx.ipv6-literal.net\share

PS C:\Users\Administrator> netstat -an | where {$_ -match "445"}
   TCP    0.0.0.0:445            0.0.0.0:0              LISTEN
   TCP    [::]:445               [::]:0                 LISTEN
   TCP    [2002:xxxx:xxxx:xxx::xx]:445 
[2002:xxxx:xxxx:xxx:xxxx:xxxx:xxxx:xxxx]:60836  ESTABLISHED

Already with normal usage it does prefer to connect over IPv6, if 
both protocols are available. He also told me, when IPv6 is 
disabled on the interface for an Exchange system, it will not 
work and give lots of strange error messages. :)


bye
Fabian



More information about the Ipv6hackers mailing list