published
priority 1
30 min. 50 XP.
Samba Share Basics. Keep SMB Login Green
The #1 scoring check by weight is SMB Login (3× points). This lesson teaches you to verify Samba is running, add the scoring users, define the `files` share, and prove external access. all in under 10 minutes.
DCWF roles:
IT-411 Technical Support Specialist
IT-451 System Administrator
CS-462 Control Systems Security Specialist
CE-463 Host Analyst
Services:
SMB LoginSMB ReadSMB Write
Objectives
- Verify `smbd` is running and listening on port 445
- Add a Samba user with `smbpasswd -a`
- Understand the two-permission-layer model (Linux fs + smb.conf)
- Create the `addict_with_a_pen.data` file the scoring engine expects
- Confirm external connectivity through the MikroTik router
Quick reference
| Command | Purpose |
|---|---|
| systemctl status smbd | Is Samba running? |
| ss -tlnp | grep :445 | Is port 445 listening? |
| testparm -s | Validate smb.conf syntax + show parsed config |
| pdbedit -L | List Samba users |
| smbpasswd -a <user> | Add Samba user (prompts for password) |
| smbclient -L //localhost -U <user> | List shares as that user |
| smbclient //host/share -U <user> -c 'get <file>' | Retrieve a file |
Common pitfalls
- Linux filesystem permissions block the share even when smb.conf is correct
- Adding a Linux user without also running `smbpasswd -a`. scoring engine can't log in
- `interfaces = eth0` + `bind interfaces only = yes` while eth0 is actually named ens3
- `min protocol = SMB3` excludes older clients; scoring engine may speak SMB2 or NT1
- Leaving `guest ok = yes`. OK for testing, red team abuses it
Skill drills
-
1. Samba's config parser tool is called ____?testparm
-
2. What port is SMB on?445
-
3. What file does the scoring engine look for in the `files` share?addict_with_a_pen.data
-
4. Name of the daemon that serves SMB on Linux?smbd
NCAE scoreboard patterns this lesson prevents
- 13,266.7 SMB Login. SMB operation failed: [Errno 111] Connection refused
- 3,637.5 SMB Login. SMB operation failed: [Errno 113] Host is unreachable
- 829.2 SMB Login. SMB connection failed: protocol error
- 183.3 SMB Login. Failed to connect to host: IP
- 120.8 SMB Login. SMB operation failed: timed out
- 116.7 SMB Login. SMB operation failed: Failed to list shares: Unable to locate Server Service RPC endpoint
- 100 SMB Login. SMB operation timed out in 5 seconds
- 91.7 SMB Login. SMB operation failed: Failed to list shares: Unable to connect to IPC$
- 16.7 SMB Login. SMB operation failed: Failed to list shares: Unable to bind to Server Service RPC endpoint
- 8.3 SMB Login. SMB operation failed: [Errno 104] Connection reset by peer