RoadRunner’s DNS wildcard at 24.28.199.152 breaks Samba

12 March 2008 at 12:21 pm (Gentoo) (, , , , , , )

Today I tried to mount an smbfs share on my local network that has always worked before. I was greeted with the following error:

timeout connecting to 24.28.199.152:445
timeout connecting to 24.28.199.152:139
Error connecting to 24.28.199.152 (Operation already in progress)
5624: Connection to windowsbox failed
SMB connection failed

What? Why is Samba trying to connect to a machine outside of my LAN? And why that particular machine? My imagination conjures black hats and various compromise scenarios.

It turns out my ISP, Road Runner, has started using a DNS wildcard, which Road Runner is variously calling their “web address error redirect service”, or “non-existing domain landing service”, or “NXD”. This “service” is implemented automatically without the customer’s input, and it takes the input URL as a search term to return the same irrelevent, misleading, and downright useless search results you’ve come to know from domain parking. The searches are powered by Yahoo, and Road Runner takes a cut of the profits. You can opt out, apparently. The wildcard server is at 24.28.199.152, so that’s why that IP shows up.

But why was Samba doing DNS searches off my LAN, across the Internet? Well, I’ve now learned that’s default behavior for the whole Samba suite, including mount.smbfs and smbclient. Take a look at the “name resolve order” option in the smb.conf man page. The default setting prioritizes DNS requests over LAN broadcasts as a means of name resolution. I think that means that every time I’ve ever done an smbfs mount, I’ve sent a DNS request to Road Runner, saying “where is my windowsbox?” And in the past, Road Runner always said, “we don’t know”, so the smbfs mount command next tried broadcasting on the LAN, and then always found the target machine during that final step. I never noticed before, because Road Runner only recently started saying “hey, maybe your windowsbox is right over here at 24.28.199.152”, thus misdirecting Samba and breaking my network.

Well, let’s fix it. It’s easy. We’ll just add a line to /etc/samba/smb.conf and change the default behavior. We want to cut out DNS searches completely, and leave other behaviors untouched. Here’s the line:

name resolve order = wins lmhosts bcast

If you’re having similar problems, I’d recommend both fixing Samba, so the network stops leaking, and opting out of RoadRunner’s NXD junk.

Advertisements

Permalink 1 Comment

Incognito: a Tor LiveCD

3 October 2007 at 8:47 am (Gentoo, Tor) (, , , )

I want to quickly give a plug for Incognito, a very handy anonymity tool. It’s a Live CD, which means you burn it to disc with a standard CD burning tool, then boot your computer with the CD in the drive, and this separate operating system starts up; take out the disc and reboot, and your normal operating system (such as Windows or Ubuntu) is running again.

The most notable feature of Incognito is that by default, all your network traffic is routed through Tor. This basically means that to prying eyes, snoopers, and eavesdroppers, your IP address is concealed.

For those users already familiar with Tor, the appeal of Incognito is to have a bootable anonymity toolkit available to you wherever you go, at any computer. It works very well, and as of right now, it is being actively maintained by the friendly Pat Double. Go check it out.

Permalink 1 Comment