[OT] Is Samba client not following the protocol?

Gordon Messmer yinyang at eburg.com
Mon Dec 3 20:47:30 UTC 2007


Deepak Shrestha wrote:
> 
> Not really a false expectation. It's more of a curiosity about why
> the network browser in Linux is showing stuff which is not even
> needed by the user. I will accept that if my folder$ will show, but
> what about C$, D$, E$ and so on and so forth, which were not even shared
> from the Windows machine?
> 
> What I mean is if a guest connects to my network (with a Linux PC as
> client), he can see how many drives I have, what share names are used
> and what the hidden shares are at a glance. So why should I need to give
> such information to a visitor who will just use the network for the
> time being only?

I know this is late to the discussion, but...

smbclient does not and can not know what is "needed by the user".  The 
-L option lists all of the shares that the server reports, and nothing 
more than that.

You could modify smbclient to not report shares that end in '$', like 
the Windows browser normally does, but what do you do when your guests 
connect to your network with a tool other than smbclient?

Security isn't something you can build into the client.  You can't rely 
on a client to "obey the rules" in any protocol.  If you want 
restrictions to be enforced on your data, then *you* must do the 
enforcing on *your* machines.  That's the only place where you have any 
control at all.

That's why it's so important to understand what tools are available to 
attackers, and to use those tools on your own hosts.  If you've never 
done that, then you don't know how much you're really leaving out there.

smbclient was never causing a problem; it was just telling you that 
there *was* a problem that you hadn't noticed before.
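
The point above, as an added example that is not part of the original post: the same server share list is split into what a client that hides names ending in '$' would display and what the server actually disclosed, so you can audit your own host. The pipe-delimited `Type|Name|Comment` layout of `smbclient -g -L` output is assumed, and the listing, share names and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a share listing from your own server.
# Assumes the grepable layout Type|Name|Comment from `smbclient -g -L`.

# Constructed sample listing (not captured from a real host).
sample_listing() {
cat <<'EOF'
Disk|Public|Shared documents
Disk|folder$|
Disk|C$|Default share
Disk|D$|Default share
IPC|IPC$|Remote IPC
Printer|LaserJet|Office printer
Workgroup|WORKGROUP|FILESRV
EOF
}

# Names a client that hides '$' shares would show to the user.
visible_shares() {
    awk -F'|' '$1 ~ /^(Disk|IPC|Printer)$/ && $2 !~ /\$$/ { print $2 }'
}

# Names the server reported that such a client would silently drop.
hidden_shares() {
    awk -F'|' '$1 ~ /^(Disk|IPC|Printer)$/ && $2 ~ /\$$/ { print $2 }'
}

# Reads a listing on stdin; returns 1 if the server disclosed any
# '$' share, because every other client will still see it.
audit_listing() {
    hidden=$(hidden_shares)
    [ -z "$hidden" ] && return 0
    printf 'server disclosed hidden shares:\n%s\n' "$hidden"
    return 1
}

# Against your own host, feed real output instead of the sample:
#   smbclient -g -N -L //HOST | audit_listing
sample_listing | audit_listing || true
```

A non-zero result means the fix belongs on the server (share permissions, guest access, which shares exist), since filtering in one client changes nothing about what the server hands out.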



