From Wikipedia, the free encyclopedia

In computer networking, Server Message Block (SMB) operates as an application-level network protocol mainly applied to shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated Inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows: in Microsoft environments users often know it simply as "Microsoft Windows Network".

When discussing SMB, one should distinguish:

• SMB the protocol
• the SMB services that run on the protocol
• NetBIOS
• the DCE/RPC services that use SMB as an authenticated Inter-process communication channel (over named pipes)
• the "Network Neighborhood" protocols which primarily (but not exclusively) run as datagram services directly on the NetBIOS transport

Contents 1 History 2 Implementation 2.1 Client-server approach 2.2 Performance issues 2.3 Microsoft's modifications 2.4 Points of interest 3 Versions and implementations 4 References 5 See also 6 External links

Barry Feigenbaum originally invented SMB at IBM with the aim of turning DOS "Interrupt 33" (21h) local file-access into a networked file-system. Microsoft has made considerable modifications to the version used most commonly. Microsoft merged the SMB protocol with the LAN Manager product which it had started developing with 3Com circa 1990, and continued to add features to the protocol in Windows for Workgroups (circa 1992) and in later versions of Windows.

The original design of SMB envisaged it running on top of the NetBIOS and NetBEUI APIs (typically implemented with NBF, NetBIOS over IPX/SPX, or NBT), though SMB can also run directly on the TCP/IP protocols, a feature introduced with Windows 2000.

At around the time when Sun Microsystems announced WebNFS [1], Microsoft launched an initiative in 1996 to rename SMB to Common Internet File System (CIFS), and added more features, including support for symbolic links, hard links, larger file sizes, and an attempt at supporting direct connections without all the NetBIOS trimmings (a largely experimental effort that required further refinement). Microsoft submitted some partial specifications as Internet-Drafts to the IETF^[1], though these submissions have expired.

Because of the importance of the SMB protocol in interacting with the widespread Microsoft Windows platform, coupled with the heavily modified nature of the SMB implementation present in that platform, the Samba project originated with the aim of reverse engineering and providing a free implementation of a compatible SMB client and server for use with non-Microsoft operating systems.

With Windows Vista (released in 2006), Microsoft introduced Server Message Block 2.0.

SMB works through a peer-to-peer approach, where a client makes specific requests and the server responds accordingly. One section of the SMB protocol specifically deals with access to filesystems, such that clients may make requests to a file server; but some other sections of the SMB protocol specialise in inter-process communication (IPC). Developers have optimized the SMB protocol for local subnet usage, but users have also put SMB to work to access different subnets across the Internet — exploits involving file-sharing or print-sharing in MS Windows environments usually focus on such usage.

SMB servers make their file systems and other resources available to clients on the network. Client computers may want access to the shared file systems and printers on the server, and in this primary functionality SMB has become best-known and most heavily used. However, the SMB file-server aspect would count for little without the NT domains suite of protocols, which provide NT-style domain-based authentication at the very least. The NT Domains protocols offer MSRPC services available almost exclusively available on SMB IPC "named pipe", and almost all implementations of SMB servers use NT Domain authentication to validate user-access to resources.

Many people believe that the SMB protocol makes heavy use of network bandwidth because each client broadcasts its presence to the whole subnet. SMB itself does not use broadcasts. The broadcast problems commonly associated with SMB actually originate with the NetBIOS service location protocol. By default, a Microsoft Windows server will use NetBIOS to advertise and locate services. NetBIOS functions by broadcasting services available on a particular host at regular intervals. While this usually makes for an acceptable default in a network with fewer than 20 hosts, broadcast traffic will cause problems as the number of hosts increases. A proper implementation of a NetBIOS Name Server (NBNS) can mitigate this problem — for example Windows Internet Naming Service (WINS) offers a suitable solution in Microsoft environments. WINS uses a much more advanced system of registration and centralized service requests, but imposes its own complexity upon the design and maintenance of the network. Microsoft recommends the use of Dynamic DNS, another viable option, in Microsoft Active Directory environments.

Network designers should expect that latency will have a significant impact on the performance of the SMB protocol. Monitoring reveals this most commonly in cases of navigating among directories through SMB when significant network latency exists between hosts. For example, a VPN connection over the Internet will often introduce network latency, which can make for a frustrating experience.

Microsoft has added several extensions to its own SMB implementation. For example, it added NTLM Version 2 because NTLM version 1 (derived from the original legacy SMB specification's requirement to use IBM "LanManager" passwords) uses DES in a flawed manner. Additionally, the NT 4.0 Domain Logon protocols use 40-bit encryption outside of the United States of America, which does not conform with modern security standards.

SMB's "Inter-Process Communication" mechanism deserves a specific mention. The SMB "IPC" system provides named pipes. SMB's IPC mechanism provides one of the first few inter-process mechanisms commonly available to programmers that provides a means for services to inherit the authentication carried out when a client first connected to an SMB server. The inherited authentication in named pipes has become so ubiquitous and transparent that both Windows-users and programmers who use the Windows API often simply take it for granted.^{[citation needed]}

Some services that operate over named pipes, such as those which use Microsoft's own implementation of DCE/RPC over SMB, known as MSRPC over SMB, also allow MSRPC client programs to perform authentication, which over-rides the authorization provided by the SMB server, but only in the context of the MSRPC client program that successfully makes the additional authentication.

Packet-signing has a significant deleterious effect on SMB over TCP, because it enforces serialization. However, because Windows Servers use SMB to transmit system policies at login, they normally have packet-signing enabled (used to prevent Man-in-the-middle attacks). SMB2 is designed to partly overcome this performance limitation by coalescing SMB signals into single packets.

As another point of interest, SMB supports opportunistic locking — a special type of locking-mechanism — on files in order to improve performance.

SMB serves as the basis for Microsoft's Distributed File System implementation.

The list below explicitly refers to "SMB" as including an SMB client or an SMB server, plus the various protocols that extend SMB, such as the Network Neighborhood suite of protocols and the NT Domains suite. For simplicity and conciseness and vagueness, however, the list omits mention of the extent or completeness of the reimplementation or porting status for any of these implementations, "lumping" them all together simply as "SMB".

• Samba, which re-implements the SMB protocol and the Microsoft extensions to it as free software, includes an SMB server and a command-line SMB client.
• Samba TNG: a fork of Samba.
• The Linux kernel includes two SMB client implementations that use the Linux VFS, providing access to files on an SMB server through the standard file system API: smbfs and cifs.
• ONStor Inc. offers an SMB implementation that also supports NFS protocol so users can access the same data through both protocols.
• Novell NetWare version 6 and newer has a CIFS server implementation providing access to NetWare volumes for Microsoft Network clients.
• FreeBSD includes an SMB client implementation called smbfs that uses its VFS.
• NetBSD and Mac OS X include SMB client implementations called smbfs, originally derived from the FreeBSD smbfs; they use the NetBSD and OS X VFS.
• Solaris has a project called CIFS client for Solaris, based on the Mac OS X smbfs.
• OpenSolaris added in-kernel CIFS server support in October 2007.
• Sun Microsystems Cascade, which became known as PC-Netlink, represents a port of Advanced Server for Unix. Sun took over two years making the code useful, due to the poor quality of the original port.
• FreeNAS, a dedicated small-sized NAS server, runs FreeBSD for Network-attached storage (NAS) services, and supports protocols including CIFS/Samba
• Advanced Server for Unix (AS/U) comprises a port of Windows NT 3.51's SMB server code to Unix. Microsoft licensed the code to AT&T, which then licensed it to major Unix vendors. The poor quality of the original port (allegedly^{[citation needed]} carried out by Microsoft itself) has caused any vendor sub-licensing it significant grief.^{[citation needed]}
• VERITAS Software has an implementation of SMB.
• SCO has a port of Advanced Server for Unix.
• SCO also has VisionFS, a Microsoft-independent re-implementation of SMB developed through reference to Samba source code.^{[citation needed]}
• Network Appliance has an SMB server implementation
• Objective Development's Sharity provides an SMB file-system client for Unix.
• The Alfresco content-management system includes a Java implementation of SMB
• JCIFS offers an implementation of SMB in Java
• RTSMB, a CIFS/SMB implementation written in ANSI C. EBS designed RTSMB from scratch, independently of MS or SAMBA design reference, to run in embedded devices.
• Visuality Systems NQ CIFS, a CIFS (SMB) server and client solution for embedded devices — ported to many popular real-time operating systems (RTOSs)
• Thursby Software Systems offers a commercial implementation of SMB/CIFS for Mac OS.

• Shared file access
• NetBIOS
• AppleTalk
• Network File System (NFS)
• Remote File System (RFS)
• Samba
• Starfish

• Hertel, Christopher (2003). Implementing CIFS — The Common Internet FileSystem. Prentice Hall. ISBN 0-13-047116-X. (Text licensed under the Open Publication License, v1.0 or later, available from the link above.)
• Technical details about SMB/CIFS
• CIFS acceleration for slow WAN links
• Common Internet File System (CIFS) File Access Protocol - Technical details from Microsoft Corporation
• the NT LM 0.12 dialect of SMB. In Microsoft Word format
• Samba development information
• Introduction to the Common Internet File System (CIFS): Leverage the Power of this Popular Network File Sharing Protocol Online introduction to CIFS: Lecture/blog by Ron Fredericks
• Zechner, Anton (2007). "Source-code of a free SMB server for small embedded systems"