网络安全 [5]
论文作者:www.51lunwen.org论文属性:作业 Assignment登出时间:2016-05-08编辑:lily点击率:11637
论文字数:3517论文编号:org201605051011306290语种:英语 English地区:澳大利亚价格:免费论文
关键词:网络安全TCP网络基本输入输出系统服务器信息块
摘要:本文对一个兼具综合性和灵活性的网络安全体系进行介绍,通过深入分析,对数据传输通过TCP三路握手过程、网络基本输入输出系统和SMB(服务器信息块)进行转储的过程进行阐述。
73. This function can be used for user authentication on the server.
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
WordCount
AndXCommand
AndXReserved
AndXOffset
...
MaxBufferSize
MaxMpxCount
...
VcNumber
SessionKey
...
CaseInsensitivePasswordLength
CaseSensitivePasswordLength
Reserved
...
Capabilities
...
ByteCount
AccountPassword (variable)
AccountName (variable)
PrimaryDomain (variable)
NativeOS (variable)
NativeLanMan (variable)
SMB Session Setup AndX request and response have AndXCommand and AndXOffset fields are used for passing additional SMB Commands with the SMB Session Setup AndX. From this packet it can be analyzed that it is a request sent from J4-ITRL-19 to J4-ITRL-14 and illustrates that Andx Command to be 0x75 which is SMB Tree Connect Andx with operating system as Native Lanman Windows NT 4.0 and windows NT 1381.
AndXCommand
0x75 (SMB Tree Connect Andx)
NativeOS
Windows NT 1381
NativeLanMan
Windows NT 4.0
It identifies SMB Tree Connect and the operating system of the source system as Windows NT 1381. With the SMB Tree Connect structure the path is identified as \J4-ITRL-14\ and service is requested as IPC. The path is the name of the resource to which the client wants to access and service indicate the type of service the client intends to access, where IPC is used for accessing named pipes.
Packet 9:
From this packet it is clear that it also uses SMB Session Setup functions.
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
WordCount
AndXCommand
AndXReserved
AndXOffset
...
Action
ByteCount
...
NativeOS (variable)
NativeLanMan (variable)
PrimaryDomain (variable)
This packet is SMB Session Setup AndX Response with AndX commands as 0x75(SMB Tree Connect AndX ) giving information about the destination system Native LANMAN as NT LAN Manager 4.0, Operating System Windows NT 4.0 and Primary Domain of the network on which the server is located as SOC_SECURITY.
Native LANMAN
NT LAN Manager 4.0
Native OS
Windows NT 4.0
Primary Domain
SOC_SECURITY
This Packet with the data as the second command SMB Tree Connect Andx response as allowing access requested service that is IPC. This IPC Named pipes allows existing Windows services to execute remote API calls on remote machine.
Packet 10:
Analyzing this packet this is SMB Transaction which performs symbolically named transaction including named pipes and mail slots identified by the SMB command value as 0x25.
The SMB Transactions setup information and parameters are special functions which are not identified by the protocol but by client and server implementations. This Transaction is used to call and retrieve the results.
Illustrating this packet the tra
本论文由英语论文网提供整理,提供论文代写,英语论文代写,代写论文,代写英语论文,代写留学生论文,代写英文论文,留学生论文代写相关核心关键词搜索。