DOCSLIB.ORG

Windows Networks and Names

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Windows Networks and Names 2016-12-05 WINDOWS NETWORKS AND NAMES NetBIOS and NetBEUI • 1983: IBM’s PC-LAN networks uses NetBIOS - API (Application Programmer Interface) only - relies on other network protocols • Corresponds to Session layer of OSI model/netbeui • NetBIOS API provides: - Name registration, resolution service - Connection-oriented session service - Connectionless Datagram service • NetBEUI – NetBIOS services over IEEE 802.2 frames - not used anymore 1 2016-12-05 NetBIOS Over TCP/IP - NBT • supports NetBIOS connections on TCP/IP networks - Sometimes called “NetBEUI” or “NetBIOS” (oops) • 1987: RFCs 1001, 1002 • Uses well-known TCP and UDP ports: - port 137 - NetBIOS Name Service, NBNS » generally uses UDP - port 138 - NetBIOS Datagram Service » generally uses UDP - port 139 - NetBIOS Session Service » generally uses TCP » short sessions - port 445 - SMB exchanges NetBIOS, NetBEUI, and OSI • matched to OSI • Redirector - sends network requests to layers: appropriate server - 7 – Redirector • SMB - 6 – SMB - file and printer sharing » replaced by CIFS • NetBIOS - session, datagram, and name - 5 – NetBIOS services - 4 –(NetBEUI) • NetBEUI - 3 –(NetBEUI) - data transport, frame formatting - 2 – NDIS – works with NetBIOS » Network Driver Interface Specification • NDIS - MS interface to NICs - 1 – NIC 2 2016-12-05 SMB/CIFS Networking • Servers broadcast their name, advertise services - Entire group/domain sees broadcast • Windows Workgroup - Organizes computers into groups that can share - “My Network Places” folder on a Windows machine - Any node can join by choosing the workgroup name - Non-Windows nodes: Samba software provides CIFS support • Windows Domain - Based on a domain controller node, running Windows Server - Nodes must authenticate to the domain controller to join - All domain controllers are also DNS servers • Active Directory - Distributed organization of domain controllers NetBIOS Names • NetBIOS names are “flat” – no extension or suffix - Maximum length of 16 octets » MS: 15 characters for name, 16th octet gives node type - Disallowed characters are \ / : * ? " ; | and SPACE - Distinct from computer’s name, but usually set equal - Case-insensitive: “abcd”, “aBcD”, and “ABCD” are all the same name 3 2016-12-05 Windows Names NetBIOS Names • Original scheme: Windows host broadcasts its name at startup - This registers the name on the local network - Clients can also broadcast to look for servers • WINS: Windows Internet Name Service takes the place of broadcasts - More efficient 4 2016-12-05 Server Message Block • Application-layer protocol - Primarily for use on local networks • Uses TCP port 445 • Can also use NetBIOS via UDP ports 137 & 138 or TCP ports 137 & 139 • SMB and CIFS share files/folders and printers, based on NetBIOS names - Server Message Block – original protocol, used by Microsoft - Common Internet File System – current, cross-platform version • SAMBA - open-source implementation of SMB Wireshark – Windows Name Broadcast 5 2016-12-05 Windows Networking in the VM-LAN • Start your Linux client - Start Wireshark - Set the display filter as: (udp.port>=137 && udp.port<=139) • Start your Windows client - You should see NBNS and BROWSER frames in wireshark Active Directory and Integrated Zones • Standard DNS keeps a primary zone file on a domain’s primary DNS server - Secondary DNS servers mirror it with secondary zone files - Only the primary zone records can be updated • Active Directory-integrated zone allows all domain controllers to update DNS records - DHCP servers, new IP nodes can submit updates to one of the DNS servers 6 2016-12-05 LMHOSTS, WINS Servers and Proxies • LMHOSTS file on a client node - Text file, keeps listings of other NetBIOS nodes - Similar to DNS hosts file • WINS servers - Windows Internet Name Service - Maintain records of NetBIOS names - Clients register directly with WINS server instead of broadcasting - Can accept routed registrations • WINS proxy agents - Forward broadcast NetBIOS names to a WINS server - Needed to support nodes that don’t know about WINS servers WINS and TCP/IP • Windows 7 Advanced TCP/IP settings dialog • Use and configuration of WINS server and LMHOSTS file are managed here 7.
Load more

Recommended publications
  • OSI Model and Network Protocols
    CHAPTER4 FOUR OSI Model and Network Protocols Objectives 1.1 Explain the function of common networking protocols . TCP . FTP . UDP . TCP/IP suite . DHCP . TFTP . DNS . HTTP(S) . ARP . SIP (VoIP) . RTP (VoIP) . SSH . POP3 . NTP . IMAP4 . Telnet . SMTP . SNMP2/3 . ICMP . IGMP . TLS 134 Chapter 4: OSI Model and Network Protocols 4.1 Explain the function of each layer of the OSI model . Layer 1 – physical . Layer 2 – data link . Layer 3 – network . Layer 4 – transport . Layer 5 – session . Layer 6 – presentation . Layer 7 – application What You Need To Know . Identify the seven layers of the OSI model. Identify the function of each layer of the OSI model. Identify the layer at which networking devices function. Identify the function of various networking protocols. Introduction One of the most important networking concepts to understand is the Open Systems Interconnect (OSI) reference model. This conceptual model, created by the International Organization for Standardization (ISO) in 1978 and revised in 1984, describes a network architecture that allows data to be passed between computer systems. This chapter looks at the OSI model and describes how it relates to real-world networking. It also examines how common network devices relate to the OSI model. Even though the OSI model is conceptual, an appreciation of its purpose and function can help you better understand how protocol suites and network architectures work in practical applications. The OSI Seven-Layer Model As shown in Figure 4.1, the OSI reference model is built, bottom to top, in the following order: physical, data link, network, transport, session, presentation, and application.
    [Show full text]
  • Importance of DNS Suffixes and Netbios
    Importance of DNS Suffixes and NetBIOS Priasoft DNS Suffixes? What are DNS Suffixes, and why are they important? DNS Suffixes are text that are appended to a host name in order to query DNS for an IP address. DNS works by use of “Domains”, equitable to namespaces and usually are a textual value that may or may not be “dotted” with other domains. “Support.microsoft.com” could be considers a domain or namespace for which there are likely many web servers that can respond to requests to that domain. There could be a server named SUPREDWA.support.microsoft.com, for example. The DNS suffix in this case is the domain “support.microsoft.com”. When an IP address is needed for a host name, DNS can only respond based on hosts that it knows about based on domains. DNS does not currently employ a “null” domain that can contain just server names. As such, if the IP address of a server named “Server1” is needed, more detail must be added to that name before querying DNS. A suffix can be appended to that name so that the DNS sever can look at the records of the domain, looking for “Server1”. A client host can be configured with multiple DNS suffixes so that there is a “best chance” of discovery for a host name. NetBIOS? NetBIOS is an older Microsoft technology from a time before popularity of DNS. WINS, for those who remember, was the Microsoft service that kept a table of names (NetBIOS names) for which IP address info could be returned.
    [Show full text]
  • Operator's Guide
    MILITARY POWER SUPPLY Operator’s Guide Ethernet & SNMP MPS-4000-1U MPPS-4000-1U Made in USA 1.888.567.9596 (USA only) | SynQor Headquarters 155 Swanson Road, Boxborough, MA 01719-1316 USA | www.synqor.com QMS: 006-0006748 Rev. E 01\19\2021 MPS with Ethernet Interface Contents 1 Overview ............................................................................................................................................... 2 2 Initial Configuration .............................................................................................................................. 2 2.1 DHCP Server .................................................................................................................................. 2 2.2 NetBIOS Hostname ....................................................................................................................... 2 2.3 Local Connection ........................................................................................................................... 2 3 Web Interface ....................................................................................................................................... 3 3.1 MONITOR Page ............................................................................................................................. 4 3.2 CONTROL Page .............................................................................................................................. 5 3.3 NETWORK Page ............................................................................................................................
    [Show full text]
  • Open Directory Administration for Version 10.5 Leopard Second Edition
    Mac OS X Server Open Directory Administration For Version 10.5 Leopard Second Edition Apple Inc. © 2008 Apple Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid-for support services. Every effort has been made to make sure that the information in this manual is correct. Apple Inc., is not responsible for printing or clerical errors. Apple 1 Infinite Loop Cupertino CA 95014-2084 www.apple.com The Apple logo is a trademark of Apple Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, iCal, iChat, Leopard, Mac, Macintosh, QuickTime, Xgrid, and Xserve are trademarks of Apple Inc., registered in the U.S. and other countries. Finder is a trademark of Apple Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. UNIX is a registered trademark of The Open Group. Other company and product names mentioned herein are trademarks of their respective companies. Mention of third-party products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the performance or use of these products.
    [Show full text]
  • Freeipa Global Catalog Challenges
    FreeIPA Global Catalog challenges Samba XP - 2020 May 27 Alexander Bokovoy Florence Blanc-Renaud Red Hat / Samba team Red Hat Alexander: ● Samba team member since 2003 ● FreeIPA core developer since 2011 Florence ● LDAP server technology engineer since 2007 ● FreeIPA core developer since 2016 Samba: ● Andreas Schneider ● Isaac Boukris ● Simo Sorce 389-ds LDAP server ● Thierry Bordaz ● William Brown Thank you all! ● Mark Reynolds ● Ludwig Krispenz MIT Kerberos ● Greg Hudson ● Robbie Harwood ● Isaac Boukris ● Simo Sorce and many others Allow access to Active Directory resources for IPA users and services Frankenstein's Active Directory: for Linux clients, not Windows Uses 389-ds LDAP server, MIT Kerberos, and Samba NT domain controller code base to implement what Active Directory domain controller sees as a separate Active Directory forest ▸ LDAP schema optimized for Linux clients and POSIX identity management use cases ▸ Flat directory information tree for users, groups, and services ▸ No compatibility with Active Directory schema ▸ LDAP objects specific to POSIX environment use cases (SUDO rules, own access control rules, etc) ▸ KDC based on MIT Kerberos, native two-factor authentication and modern pre-authentication methods ▸ NetLogon and LSA pipes with enough support to allow AD DCs to interoperate via a forest trust ▸ Integrated DNS server and Certificate Authority It is not that simple... Global Catalog Entries LDAP is a communication protocol designed with flexibility and extensibility in mind ▸ Schema: ▸ Syntaxes ▸ Attribute types
    [Show full text]
  • The Networker's Guide to Appletalk, IPX, and Netbios
    03 9777 CH03 5/21/01 3:42 PM Page 85 3 The Networker’s Guide to AppleTalk, IPX, and NetBIOS UNTIL THE EARLY 1990S,TCP/IP WAS REALLY ONLY PREVALENT in large govern- ment and research facilities where UNIX and other supercomputing operating systems used it as a common network communications protocol.When PCs came into the picture, they were not networked. Rather, they were used either as front-ends to big micro or mainframe systems (IBM was a big fan of this approach) or as standalone sys- tems. In the early 1980s, as PCs grew in number and in performance, three strategies emerged to provide PCs with networking services:AppleTalk, Novell NetWare, and IBM’s NetBIOS. The goal of this chapter is to give you an understanding of the various protocols that make up the protocol suites and the roles they perform. It is not intended to explain how to design, set up, and manage a network. Chapter 7,“Introduction to Cisco Routers,” and Chapter 10,“Configuring IP Routing Protocols on Cisco Routers,” discuss configuration issues for these protocols. Because NetBIOS is a ses- sion layer protocol rather than a protocol suite, it will be described in the context of its operational behaviors at the end of this chapter. 03 9777 CH03 5/21/01 3:42 PM Page 86 86 Chapter 3 The Networker’s Guide to AppleTalk, IPX, and NetBIOS AppleTalk AppleTalk was an outgrowth of the Apple Macintosh computing platform. First intro- duced in 1984 and updated in 1989, it was designed to provide the Macintosh with a cohesive distributed client/server networking environment.AppleTalk,
    [Show full text]
  • Recycling Ipv4 Attacks in Ipv6
    RReeccyycclliinngg IIPPvv44 aattttaacckkss iinn IIPPvv66 Francisco Jesús Monserrat Coll RedIRIS / Red.es Jornadas de Seguridad Buenos Aires, 4 de Octubre de 2005 Index •Why we need to care about IPv6 ? • Brief introduction to IPv6 •IPv6, it’s more secure ? •Problems recycling . •Solutions and future About RedIRIS Since 1988 provides Internet connection to Academic and Research centres in Spain. Pioneers in the launch of Internet services in Spain, (DNS, news, CSIRT, ...). Based in point of presence (POA) in each region that interconnects all the centres 250 organizations connected Since January 2004 , RedIRIS is part of red.es , a government agency to promote Information society Same backbone for normal and experimental (internet2) connections, Using Internet2 in the backbone Use of the backbone for advanced applications: Opera Oberta: High quality Live Opera transmission at fast speed > 10 Mbs. Use of multicast to distribute the contents Since May 2005 , testing of multicast over IPv6 for the transmission of the videos. • Couldld thisis inincrease the use of IPv6 ? Use of IPv6 Some of the Spanish Universities are starting to use IPv6: http://www.uv.es/siuv/cas/zxarxa/ipv6.wiki IPv6 Security ? We are NOT going to talk about:: IPSEC and all the cryptographic stuff .. Traffic labelling, IP headers, etc. Why IPv6 is more secure than IPv4? Etc, etc, etc. ... For this you can: Search in google CISCO: http://www.cisco.com/security_services/ciag/documents/v6-v4-threats.pdf Michael H. Warfield’s (ISS) presentation at FIRST Conference 2004, http://www.first.org IPv6 Security ? We are NOT going to talk about:: IPSEC and all the cryptographic stuff .
    [Show full text]
  • Freeipa 3.3 Trust Features
    FreeIPAFreeIPA 3.33.3 TrainingTraining SeriesSeries FreeIPA 3.3 Trust features Sumit Bose, Alexander Bokovoy March 2014 FreeIPA and Active Directory ● FreeIPA and Active Directory both provide identity management solutions on top of the Kerberos infrastructure ● FreeIPA AD Trust feature is designed ● To give Active Directory users access to FreeIPA resources ● To allow FreeIPA servers and clients to resolve identities of AD users and groups ● FreeIPA AD Trust feature does not require ● Synchronizing accounts and passwords with AD ● Installing any software on AD domain controllers 2 FreeIPA 3.3 Training Series Cross-realm forest trust: FreeIPA and Active Directory ● FreeIPA exposes its own realm as an Active Directory- compatible forest ● Two Active Directory-compatible forests can trust each other ● As result: ● Active Directory users can access FreeIPA resources ● FreeIPA servers and clients can resolve identities of AD users and groups ● Access to FreeIPA is controlled by FreeIPA rules (HBAC, ...) for Active Directory users and groups ● All AD user and group management stays at AD side 3 FreeIPA 3.3 Training Series Active Directory → FreeIPA ● FreeIPA Kerberos infrastructure cannot be joined to Active Directory forest as a domain, only trusted as an Active Directory-compatible forest ● FreeIPA provides access to its own services to Active Domain's users by trusting Active Directory Kerberos infrastructure ● All FreeIPA access control decisions are done on FreeIPA side ● FreeIPA uses Kerberos trust by an Active Directory to perform LDAP
    [Show full text]
  • SMB Analysis
    NAP-3 Microsoft SMB Troubleshooting Rolf Leutert, Leutert NetServices, Switzerland © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll SMB History Server Message Block (SMB) is Microsoft's client-server protocol and is most commonly used in networked environments where Windows® operating systems are in place. Invented by IBM in 1983, SMB has become Microsoft’s core protocol for shared services like files, printers etc. Initially SMB was running on top of non routable NetBIOS/NetBEUI API and was designed to work in small to medium size workgroups. 1996 Microsoft renamed SMB to Common Internet File System (CIFS) and added more features like larger file sizes, Windows RPC, the NT domain service and many more. Samba is the open source SMB/CIFS implementation for Unix and Linux systems 2 © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll SMB over TCP/UDP/IP SMB over NetBIOS over UDP/TCP SMB / NetBIOS was made routable by running Application over TCP/IP (NBT) using encapsulation over 137/138 139 TCP/UDP-Ports 137–139 .. Port 137 = NetBIOS Name Service (NS) Port 138 = NetBIOS Datagram Service (DGM) Port 139 = NetBIOS Session Service (SS) Data Link Ethernet, WLAN etc. Since Windows 2000, SMB runs, by default, with a thin layer, the NBT's Session Service, on SMB “naked” over TCP top of TCP-Port 445. Application 445 DNS and LLMNR (Link Local Multicast Name . Resolution) is used for name resolution. Port 445 = Microsoft Directory Services (DS) SMB File Sharing, Windows Shares, Data Link Ethernet, WLAN etc. Printer Sharing, Active Directory 3 © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll NetBIOS / SMB History NetBIOS Name Service (UDP Port 137) Application • Using NetBIOS names for clients and services.
    [Show full text]
  • Troubleshooting Novell IPX
    CHAPTER 8 Troubleshooting Novell IPX NetWare is a network operating system (NOS) and related support services environment created by Novell, Inc., and introduced to the market in the early 1980s. Then, networks were small and predominantly homogeneous, local-area network (LAN) workgroup communication was new, and the idea of a personal computer (PC) was just becoming popular. Much of NetWare’s networking technology was derived from Xerox Network Systems (XNS), a networking system created by Xerox Corporation in the late 1970s. By the early 1990s, NetWare’s NOS market share had risen to between 50 percent and 75 percent. With more than 500,000 NetWare networks installed worldwide and an accelerating movement to connect networks to other networks, NetWare and its supporting protocols often coexisted on the same physical channel with many other popular protocols, including TCP/IP, DECnet, and AppleTalk. Although networks today are predominately IP, there are some legacy Novel IPX traffic. Novell Technology Basics As an NOS environment, NetWare specifies the upper five layers of the OSI reference model. The parts of NetWare that occupy the upper five layers of the OSI model are as follows: • NetWare Core Protocol (NCP) • Service Advertisement Protocol (SAP) • Routing Information Protocol (RIP) NetWare provides file and printer sharing, support for various applications such as electronic mail transfer and database access, and other services. Like other NOSs, such as the network file system (NFS) from Sun Microsystems, Inc., and Windows NT from Microsoft Corporation, NetWare is based on a client/server architecture. In such architectures, clients (sometimes called workstations) request certain services such as file and printer access from servers.
    [Show full text]
  • Purpose Scope Standard Statement Revision History
    State of Michigan Department of Information Technology TECHNICAL POLICY MANUAL SUBJECT Global Windows Internet Naming Service (WINS) Standard Type NUMBER DATE ISSUED REVISION DATE REVISION NUMBER Standard 1410.26 11-04-05 Purpose Windows Internet Name Service (WINS) provides a dynamic replicated database service that can register and resolve NetBIOS names to IP addresses used on your network. Windows 2003 Server provides WINS, which enables the server computer to act as a NetBIOS name server and register and resolve names for WINS-enabled client computers on a network as described in the NetBIOS over TCP/IP standards. The purpose of this standard is to provide the necessary guidelines for the use of the Microsoft Windows Internet Naming Service (WINS) protocol within the SOM Network. Scope This standard applies to any group using WINS in the SOM to resolve NetBIOS names and addresses. Standard Statement The development of new applications and name resolution must be based on the Domain Name Service (DNS) protocol that remains in line with the direction of Michigan/1. Existing implementations of WINS, which are disparate, will move to the centralized implementation of WINS servers as defined in the State of Michigan Active Directory Design. Revision History Revision Effective Description of Enhancements Level Date 11-04-05 Initial Release Standard_M1WI08_Wins.doc 1 Printed 11/4/2005 @ 1:53 PM State of Michigan Department of Information Technology TECHNICAL POLICY MANUAL SUBJECT Global Windows Internet Naming Service (WINS) Standard Type NUMBER DATE ISSUED REVISION DATE REVISION NUMBER Standard 1410.26 11-04-05 Terms and Definitions NetBIOS Network Basic Input/Output System is a program that allows applications on different computers to communicate within a local area network.
    [Show full text]
  • Freeipa Hands-On Tutorial Fedora 18 Update: Active Directory Trusts and More
    FreeIPA hands-on tutorial Fedora 18 update: Active Directory trusts and more Alexander Bokovoy Jakub Hrozek Martin Koˇsek |||{ Red Hat Inc. LinuxCon Europe November 5th, 2012 1 Preparation 2 Installation 3 Active Directory trusts 4 Users 5 Certificates, keytabs 6 HBAC 7 RBAC 8 Replication 9 Other features 10 SSSD: More than a FreeIPA client Section 1 Preparation Preparation Lab structure Use cases will use 3 VMs and the host machine server: server.ipa-X.example.com - will host an IPA server replica: replica.ipa-X.example.com - will host an IPA replica client: client.ipa-X.example.com - will host IPA client with a web server Instructor machine hosts: IPA: server.ipa-0.example.com - will host an IPA server IPA: replica.ipa-0.example.com - will host an IPA replica IPA: client.ipa-0.example.com - will host an IPA client with a web server AD: ad.example.com - Active Directory domain AD: dc.ad.example.com - Active Directory domain controller Section 2 Installation Installation Install IPA server Check install options in ipa-server-install --help Core options: --external-ca, --setup-dns, --selfsign Most common install issues: broken DNS, bad /ect/hosts configuration --no-host-dns, --setup-dns Remains after the last unsuccessful install /var/lib/ipa/sysrestore/ Time issues (Kerberos time sensitive) - on clients, replicas ipa-server-install --setup-dns Installation Install IPA server (cont.) kinit as admin, check tickets with klist Check logs (useful for debugging): /var/log/pki-ca/debug /var/log/pki-ca-install.log /var/log/dirsrv/ (permissions!)
    [Show full text]