This article comprises the Read Me for AppleShare IP Web & File 6.1.1 Update. This software was released by Apple on 23 February 1999 and is available for download from the Apple Software Updates Web site at http://www.apple.com/swupdates .

Requires:

North American English version of Mac OS 8.1, 8.5, 8.5.1 North American English version of AppleShare IP 6.1

Description:

Resolves two issues in version 6.1 of the AppleShare IP Web & File Server:

1) The AppleShare IP 6.1 Web & File Server may overflow the memory limits set on its cache size.

2) The AppleShare IP 6.1 Web & File Server may become unresponsive (or deaf) to AFP over TCP and Windows File Sharing (SMB) login requests. This update also eliminates the vulnerability of the AppleShare IP 6.1 Web & File server to a denial of service attack known as Winnuke.

Article 60017: AppleShare IP 6.1: Read Me contains additional information which may be useful.

About AppleShare IP Web & File 6.1.1 Update

CONTENTS

• About AppleShare IP Web & File 6.1.1
• Update Background on the Winnuke Attack
• Requirements for running the update
• Installing AppleShare IP Web & File 6.1.1 Update

The AppleShare IP Web & File 6.1.1 Update is an extension that resolves two issues in version 6.1 of the AppleShare IP Web & File Server:

1) The AppleShare IP 6.1 Web & File Server may overflow the memory limits set on its cache size.

This causes it to use memory set aside for other applications and may prevent other applications from launching.

In this situation, the About This Computer window will show that the memory size for the Mac OS takes up enough RAM such that the remaining RAM is less than tha amount reserved for other applications.

For example, on a server with 128 MB RAM and Reserved memory for other applications set to 24 MB, the Mac OS may show that it takes more than 104 MB.

2) The AppleShare IP 6.1 Web & File Server may become unresponsive (or deaf) to AFP over TCP and Windows File Sharing (SMB) login requests.

Although the server no longer accepts new AFP over TCP and SMB login requests, existing connections are not affected. New AFP connections will connect via AppleTalk instead of TCP, and new SMB connections will receive an error message, such as <servername> is not accessible or "The network path was not found". Sometimes, instead of an error, Windows clients will be repeatedly asked for their password under this condition.

AFP over AppleTalk, FTP, and web access are not affected by this issue.

This update also eliminates the vulnerability of the AppleShare IP 6.1 Web & File server to a denial of service attack known as Winnuke. The likelihood of experiencing a Winnuke attack is small - it requires a deliberate malicious action, and the attacker has to have some knowledge of your system. This patch protects all services in the Web & File server from this kind of attack, but such attacks are most common with Windows file sharing.

Background on the Winnuke Attack

A Winnuke Attack is a malicious attempt to crash a server by sending it data which it cannot handle. Specifically, a high-priority message is sent over TCP/IP (also called an out of band message) to the Windows file sharing port. Since priority messages are not a normal part of the Windows file sharing protocol (SMB), there is no established way to handle such messages, and the server considers this to be a fatal error.

This update makes the server ignore all out of band messages, which will not affect ordinary operation and will prevent the server from interpreting such a message as a fatal error.

Requirements for running the update

• CPU: Any Apple Power Macintosh computer or Macintosh Server with a PowerPC G3, 604e, 604, 603e 6500 series, or 601 microprocessor
• System Software: North American English version of Mac OS 8.1, 8.5, 8.5.1
• AppleShare IP: North American English version of 6.1

For AppleShare IP 6.1 Web & File only.

1. Stop the AppleShare IP 6.1 Web & File Server.

2. Drag the file AppleShare IP Web & File on the closed system folder in which your AppleShare IP 6.1 server is installed. Click OK when prompted to put the file in the Extensions folder and to replace any earlier versions of this extension.

3. If you have previously installed the file ASIP 6 Web & File Update 1, remove that extension from the Extensions folder.

4. Restart your computer.