Server Message Block (SMB)#

🔹 Overview#

SMB (Server Message Block) is a client-server protocol for accessing:
- Files and directories
- Printers and other shared network resources
Enables inter-process communication over a network.
Initially popularized via OS/2 LAN Manager and later widely used in Microsoft Windows.
Backward compatibility in Windows allows newer systems to communicate with older ones.

Enables file/service access over the network between SMB-enabled systems.

Uses TCP/IP for transport (typically over port 445).

Access is managed using Access Control Lists (ACLs) with permissions like:

read, write, execute, full control

Samba is an open-source SMB server for Linux/Unix.

Implements CIFS (Common Internet File System), a dialect of SMB.

Enables cross-platform communication with Windows systems.

Provides:

SMB file/print sharing

Active Directory integration

Daemon	Role
`smbd`	Handles SMB protocol and file sharing
`nmbd`	Handles NetBIOS name resolution
`winbindd`	Manages user/group info from AD
`samba`	Manages AD DC (in Samba 4)

Option	Description
`workgroup`	Name of SMB workgroup/domain
`path`	Directory to share
`browseable`	Whether share is visible in network
`guest ok`	Allow unauthenticated access
`read only`	Prevent modification of files
`create mask`	File permission mask
`directory mask`	Directory permission mask
`map to guest`	Maps unknown users to guest account

Setting	Risk
`browseable = yes`	Attackers can enumerate visible shares
`read only = no` or `writable = yes`	Allows file creation/modification
`guest ok = yes`	Allows anonymous access
`create mask = 0777` / `directory mask = 0777`	Full permission to all users
`enable privileges = yes`	May allow elevated privileges
`magic script` / `logon script`	Risk of executing unauthorized scripts