06.Rozdział 06 (6)

[ Pobierz całość w formacie PDF ]
.= Normal DelayIP:.= Normal ThroughputIP:.= Normal ReliabilityIP: Total Length = 310 (0x136)IP: Identification = 37376 (0x9200)IP: Flags Summary = 2 (0x2)IP:.0 = Last fragment in datagramIP:.1.= Cannot fragment datagramIP: Fragment Offset = 0 (0x0) bytesIP: Time to Live = 128 (0x80)IP: Protocol = TCP - Transmission ControlIP: Checksum = 0x6F6FIP: Source Address = 199.245.180.1IP: Destination Address = 199.245.180.101IP: Data: Number of data bytes remaining = 290 (0x0122)TCP:.AP., len: 270, seq: 3757940-3758209, ack: 4572168, win: 8657, src: 1033dst: 139 (NBT Session)TCP: Source Port = 0x0409TCP: Destination Port = NETBIOS Session ServiceTCP: Sequence Number = 3757940 (0x395774)TCP: Acknowledgement Number = 4572168 (0x45C408)TCP: Data Offset = 20 (0x14)TCP: Reserved = 0 (0x0000)TCP: Flags = 0x18 :.AP.Zledzenie protokołu TCP/IP195TCP:.= No urgent dataTCP:.1.= Acknowledgement field significantTCP:.1.= Push functionTCP:.= No ResetTCP:.= No SynchronizeTCP:.0 = No FinTCP: Window = 8657 (0x21D1)TCP: Checksum = 0x7593TCP: Urgent Pointer = 0 (0x0)TCP: Data: Number of data bytes remaining = 270 (0x010E)NBT: SS: Session Message, Len: 266NBT: Packet Type = Session MessageNBT: Packet Flags = 0 (0x0)NBT:.0 = Add 0 to LengthNBT: Packet Length = 266 (0x10A)NBT: SS Data: Number of data bytes remaining = 266 (0x010A)SMB: C session setup & X, Username = Administrator, and C tree connect & X,Share = \\NTSRVR\IPC$SMB: SMB Status = Error SuccessSMB: Error class = No ErrorSMB: Error code = No ErrorSMB: Header: PID = 0xCAFE TID = 0x0000 MID = 0x0000 UID = 0x0000SMB: Tree ID (TID) = 0 (0x0)SMB: Process ID (PID) = 51966 (0xCAFE)SMB: User ID (UID) = 0 (0x0)SMB: Multiplex ID (MID) = 0 (0x0)SMB: Flags Summary = 24 (0x18)SMB:.0 = Lock & Read and Write & Unlock not supportedSMB:.= Send No Ack not supportedSMB:.1.= Using caseless pathnamesSMB:.1.= Canonicalized pathnamesSMB:.= No Opportunistic lockSMB:.= No Change NotifySMB: 0.= Client commandSMB: flags2 Summary = 32771 (0x8003)SMB:.1 = Understands long filenamesSMB:.1.= Understands extended attributesSMB:.= No DFS capabilitiesSMB:.= No paging of IOSMB:.= Using SMB status codesSMB: 1.= Using UNICODE stringsSMB: Command = C session setup & XSMB: Word count = 13SMB: Word parametersSMB: Next offset = 0x00DESMB: Max Buffer Size = 4356 (0x1104)SMB: Max MPX requests = 50SMB: VC number = 0SMB: Session Key = 0SMB: Password length = 24 (0x18)SMB: Unicode Password length = 24 (0x18)SMB: Capabilities = 212 (0xD4)SMB:.0 = No Raw Reads and Writes.SMB:.= No support for multiplexed commands.SMB:.1.= Supports UNICODE strings.SMB:.= Does not support large files.Rozdział 6196SMB:.1.= Supports the NT SMB extensions.SMB:.= RPC remote API's not supported.SMB:.1.= Recognizes NT Status codes.SMB:.1.= Supports level II oplocks.SMB:.= Does not support Lock and Read.SMB:.= Does not support NT Find.SMB:.= Does not support bulk transfers.SMB:.= Does not support compressed bulk transfers.SMB:.= This server is NOT DFS aware.SMB:.= ReadX responses must be withinnegotiated buffer sizes.SMB: Byte count = 161SMB: Byte parametersSMB: Account name = AdministratorSMB: Domain name = NTDOMAINSMB: Native OS = Windows NT 1381SMB: Native Lanman = Windows NT 4.0SMB: Command = C tree connect & XSMB: Word count = 4SMB: Word parametersSMB: Next offset = 0x0000SMB: Disconnect flag = 0x0000SMB: Password length = 1 (0x1)SMB: Byte count = 33SMB: Byte parametersSMB: Password =SMB: File name = \\NTSRVR\IPC$SMB: Service Name = IPCSMB: Command = No secondary command00000: 00 60 08 36 71 DE 00 00 C0 7A 2D 5C 08 00 45 00.`.6q.z-\.E.00010: 01 36 92 00 40 00 80 06 6F 6F C7 F5 B4 01 C7 F5.6.@.oo.00020: B4 65 04 09 00 8B 00 39 57 74 00 45 C4 08 50 18.e.9Wt.E.P.00030: 21 D1 75 93 00 00 00 00 01 0A FF 53 4D 42 73 00 !.u.SMBs.00040: 00 00 00 18 03 80 00 00 00 00 00 00 00 00 00 00.Rysunek 6.24Polecenia SMB C session setup & X,Username=Administrator oraz C connect & XPakiet 6 (patrz rysunek 6.25) służy do utworzenia połączenia z dzielo-nym zasobem (\srvsvc).FRAME: Base frame propertiesFRAME: Time of capture = May 9, 1998 18:11:7.92FRAME: Time delta from previous physical frame: 9 millisecondsFRAME: Frame number: 6FRAME: Total frame length: 158 bytesFRAME: Capture frame length: 158 bytesFRAME: Frame data: Number of data bytes remaining = 158 (0x009E)ETHERNET: ETYPE = 0x0800 : Protocol = IP: DOD Internet ProtocolETHERNET: Destination address : 0060083671DEETHERNET:.0 = Individual addressETHERNET:.= Universally administered addressETHERNET: Source address : 0000C07A2D5CZledzenie protokołu TCP/IP197ETHERNET:.0 = No routing information presentETHERNET:.= Universally administered addressETHERNET: Frame Length : 158 (0x009E)ETHERNET: Ethernet Type : 0x0800 (IP: DOD Internet Protocol)ETHERNET: Ethernet Data: Number of data bytes remaining = 144 (0x0090)IP: ID = 0x9300; Proto = TCP; Len: 144IP: Version = 4 (0x4)IP: Header Length = 20 (0x14)IP: Service Type = 0 (0x0)IP: Precedence = RoutineIP:.= Normal DelayIP:.= Normal ThroughputIP:.= Normal ReliabilityIP: Total Length = 144 (0x90)IP: Identification = 37632 (0x9300)IP: Flags Summary = 2 (0x2)IP:.0 = Last fragment in datagramIP:.1.= Cannot fragment datagramIP: Fragment Offset = 0 (0x0) bytesIP: Time to Live = 128 (0x80)IP: Protocol = TCP - Transmission ControlIP: Checksum = 0x6F15IP: Source Address = 199.245.180.1IP: Destination Address = 199.245.180.101IP: Data: Number of data bytes remaining = 124 (0x007C)TCP:.AP., len: 104, seq: 3758210-3758313, ack: 4572316, win: 8509, src: 1033dst: 139 (NBT Session)TCP: Source Port = 0x0409TCP: Destination Port = NETBIOS Session ServiceTCP: Sequence Number = 3758210 (0x395882)TCP: Acknowledgement Number = 4572316 (0x45C49C)TCP: Data Offset = 20 (0x14)TCP: Reserved = 0 (0x0000)TCP: Flags = 0x18 :.AP.TCP:.= No urgent dataTCP:.1.= Acknowledgement field significantTCP:.1.= Push functionTCP:.= No ResetTCP:.= No SynchronizeTCP:.0 = No FinTCP: Window = 8509 (0x213D)TCP: Checksum = 0xB47DTCP: Urgent Pointer = 0 (0x0)TCP: Data: Number of data bytes remaining = 104 (0x0068)NBT: SS: Session Message, Len: 100NBT: Packet Type = Session MessageNBT: Packet Flags = 0 (0x0)NBT:.0 = Add 0 to LengthNBT: Packet Length = 100 (0x64)NBT: SS Data: Number of data bytes remaining = 100 (0x0064)SMB: C NT create & X, File = \srvsvcSMB: SMB Status = Error SuccessSMB: Error class = No ErrorSMB: Error code = No ErrorSMB: Header: PID = 0x0940 TID = 0x0801 MID = 0x0040 UID = 0x0801SMB: Tree ID (TID) = 2049 (0x801)Rozdział 6198SMB: Process ID (PID) = 2368 (0x940)SMB: User ID (UID) = 2049 (0x801)SMB: Multiplex ID (MID) = 64 (0x40)SMB: Flags Summary = 24 (0x18)SMB: [ Pobierz całość w formacie PDF ]