网络安全 [4]
论文作者:www.51lunwen.org论文属性:作业 Assignment登出时间:2016-05-08编辑:lily点击率:11584
论文字数:3517论文编号:org201605051011306290语种:英语 English地区:澳大利亚价格:免费论文
关键词:网络安全TCP网络基本输入输出系统服务器信息块
摘要:本文对一个兼具综合性和灵活性的网络安全体系进行介绍,通过深入分析,对数据传输通过TCP三路握手过程、网络基本输入输出系统和SMB(服务器信息块)进行转储的过程进行阐述。
s used to operate different protocol systems and TCP/IP. SMB resides above the NetBIOS layer, which interfaces to the transport layer protocols and provides services related to resource naming and location.
Every Session begins with a preliminary exchange of information, in which an SMB dialect is negotiated and a client is authenticated and logged on to the server. When two machines comes into network contact they negotiate the dialect to be used. The details of the authentication process vary depending on the operating system and the configuration.
Packet 6:
In this packet, it is identified as SMB Negotiate Request has been sent from J4-ITRL-19 to J4-ITRL-14, based on SMB header with SMB command 0x72 which is SMB Negotiate command.
1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Word Count
Byte Count
Dialect Name
……..
Analyzing the Flags fields it can be identified that a request message has been sent from client to server. From the SMB Negotiation Request, it is clear that there are eight dialects that can be offered and also their index numbers.
Index
Dialect Name
0PC Network program 1.0
1 Xenix Core
2 Microsoft Network 1.03
3 LANMAN 1.0
4 Windows For Workgroups 3.1a
5 LM1.2X002
6 LANMAN2.1
7 NT LM 0.12
This packet is SMB Negotiate, which is client's initial packet used for dialect and capabilities negotiations. This provides the list of SMB dialects with which the dialect can communicate to the server and responds by selects an appropriate dialect for communication and returns the selected dialect index to the client.
Packet 7:
This packet is the response for Negotiate request from J4-ITRL to J4-ITRL-19.
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 01
WordCount DialectIndex SecurityMode
Max Buffer Size
Max Raw Size
Session Key
Capabilities
SystemTimeLow
SystemTimehigh
ServerTimeZone EncryptionKeylength ByteCount
EncryptionKey
OemDomainName
Analyzing this packet on the structure described as SMB Negotiation Response it can be identified as Dialect Index which is NTLM 0.12. This field in SMB Negotiation Response Structure are System Time which defines the system time and location of server and OemDomainName determines the domain.
DialectIndex
Typing on a laptop keyboard
Get our
essay
Writing Guide
As the UK's leading
essay and
dissertation writing service, we have put together the ultimate guide to writing your essay!
GET THE GUIDE
7(NT LM 0.12)
System Time( based on location and time zone)
16/08/02 03:27:17 pm
OemDomainName
SOC_SECURITY
Packet 8:
Analyzing this packet it is clear that this is used for setting up SMB Session functions.
This is identified as SMB Session Setup AndX with the command field value as 0x
本论文由英语论文网提供整理,提供论文代写,英语论文代写,代写论文,代写英语论文,代写留学生论文,代写英文论文,留学生论文代写相关核心关键词搜索。