This overview explores the architecture of networking in Windows environments, detailing the various layers and protocols involved. It covers application-layer protocols like HTTP and FTP, the presentation and session layers, and specifics about transport-layer implementations like TDI and TCP/IP. Additionally, it discusses the significance of NetBIOS, SMB, and WINS for resource access and name resolution within networks. Security models, access controls, and the interplay between different Windows networking components are examined to provide a comprehensive understanding of Windows networking protocols.
Overview • Networking under Windows • Mixture of applications and protocols
Windows Protocols • Application Layer: • “Providers”: Vendor-specific networking clients • Application (http, ftp, etc.) • Presentation Layer • Usually empty
Windows Protocols • Session Layer • Redirectors – linked to Provider modules • Servers • Transport Layer • TDI – Transport Driver Interface • Various transport protocols (TCP, NWLink, NBF) • Lower Layers
Some Definitions • NBF: NetBIOS Frame Protocol • Based on NetBEUI (Network Basic Input Output System Extended User Interface) • NWLink • Implementation of the Novell protocols IPX/SPX • IPX: Internet Packet Exchange • SPX: Sequence Packet Exchange
Protocol Structure (top to bottom) • NetBIOS (Kernel) • TCP/IP (NetBT) | SPX/IPX | NBF • NDIS • NIC Driver • Note: TCP/NetBT and IPX/SPX are routable, NBF (NetBEUI) is not.
Specifications & Info • Karanjit S. Siyan, “Windows NT TCP/IP”, New Riders Professional Library • RFCs 1001 & 1002 • SNIA CIFS Spec 0.9
Some History • Windows networking • Windows for Workgroups • LAN Manager (various versions) • Intended for small LANs • Similar to AppleTalk
History … • Novell used for server-based large networks • Windows networking used for Peer-to-Peer • RFCs 1001 and 1002 define NetBIOS over TCP (NetBT)
UNC • Uniform Naming Convention • \\ServerName\ShareName\Path\FileName • Defines a flat namespace used to locate network resources
SMB • Server Message Block • Application layer protocol • Defines access to files, printers, and named pipes • SMB specs are not public • CIFS specs are public under SNIA
Protocol Stacks for SMB (top to bottom) • SMB • NetBIOS • IPX/SPX | TCP/IP | NetBEUI • Data Link Layer
SMB Functions • Session Setup and Disconnect • File Access • Printer Access • Directory Searching • Setting File Attributes • File Creation and Deletion
SMB File Access • Open and Close • Read and Write • Record and byte range locking • File Locks • “Opportunistic” locks (caching support)
SMB Variants • SMB is not a single specification • Microsoft and other vendors made numerous enhancements • SMB session setups include a required version negotiation
Name Resolution • NetBIOS uses 15 character names • Flat name space inside a NetBIOS Scope • Nodes assert a name upon startup • Assertion is successful unless challenged
Node Types • b-nodes • Use broadcast for name resolution • Can interact only with b-nodes (and mixed nodes) • p-nodes • Use a NetBIOS name server (NBNS, Microsoft WINS) • Cannot interact with b-nodes
Mixed Node Types • m-nodes • mixed operation, broadcast first • h-nodes • mixed, NBNS first, then LMHOSTS file, then broadcast • Windows defaults: • b-node • h-node if a WINS server is specified
Some Notes • WINS is NBNS as defined in RFCs 1001 and 1002, but • WINS replication (server to server updates) is vendor-specific • WINS is dynamic, entries come from NetBIOS name registration at system startup
WINS and DNS • Up to Windows NT 4, these are separate • Computers can have unrelated DNS and NetBIOS names • DHCP clients without dynamic DNS • Have “generic” or no DNS names • Dynamically register NetBIOS names
Windows 2000 • Pure Windows 2000 networks use dynamic DNS • WINS lookups used for mixed environments • Name lookups can trigger • DNS queries • WINS queries • Broadcasts
WINS and DNS names • Windows 2000 machines use FQDN (Fully Qualified Domain Names) • NetBIOS names are derived from the host name • Pad short names with spaces up to 15 characters • Truncate names with >15 chars
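The name derivation on this slide (uppercase host label, truncate to 15, space-pad) and the RFC 1001/1002 name registration mentioned under Name Resolution, as an added example that is not part of the original slides: it also applies the RFC 1001 first-level encoding of the 16-byte name and shows why truncation can make two hosts claim the same NetBIOS name. Host names are constructed; the suffix byte value is an assumption.

```python
# Added example (not from the original slides): NetBIOS name derivation and
# RFC 1001 first-level encoding. Host names below are constructed for illustration.

NETBIOS_NAME_LEN = 15  # slides: 15 characters; the 16th byte is a suffix (assumed 0x00 here)


def netbios_name_from_host(fqdn: str) -> str:
    """Host label of an FQDN -> 15-char NetBIOS name: uppercase, truncate, space-pad."""
    host = fqdn.split(".", 1)[0].upper()
    if not host.isascii():
        raise ValueError("NetBIOS names derived here must be ASCII")
    return host[:NETBIOS_NAME_LEN].ljust(NETBIOS_NAME_LEN, " ")


def first_level_encode(fqdn: str, suffix: int = 0x00) -> str:
    """RFC 1001 first-level encoding: each of the 16 bytes becomes two letters 'A'..'P'
    (high nibble first), giving the 32-character name used on the wire."""
    raw = netbios_name_from_host(fqdn).encode("ascii") + bytes([suffix & 0xFF])
    out = []
    for b in raw:
        out.append(chr(ord("A") + (b >> 4)))
        out.append(chr(ord("A") + (b & 0x0F)))
    return "".join(out)


def first_level_decode(encoded: str) -> tuple[str, int]:
    """Inverse of first_level_encode: (name without trailing padding, suffix byte).
    Rejects anything that is not exactly 32 letters in 'A'..'P'."""
    if len(encoded) != 32 or any(c < "A" or c > "P" for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(
        ((ord(encoded[i]) - ord("A")) << 4) | (ord(encoded[i + 1]) - ord("A"))
        for i in range(0, 32, 2)
    )
    return raw[:NETBIOS_NAME_LEN].decode("ascii").rstrip(" "), raw[NETBIOS_NAME_LEN]


def truncation_collisions(hosts):
    """Group host names that map to the same NetBIOS name because of the >15-char
    truncation rule; such hosts would contend for one name at registration time."""
    seen: dict[str, list[str]] = {}
    for h in hosts:
        seen.setdefault(netbios_name_from_host(h), []).append(h)
    return {name: hs for name, hs in seen.items() if len(hs) > 1}
```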
Microsoft DNS • Dynamic Updates • Replication (If used with Active Directory aka LDAP) • UTF-8 character coding unless restricted to RFC 1123 • Additional DNS record types
Service Discovery • LDAP-based starting with Windows 2000 • Previous versions use a proprietary system of “domain browsers” • Creates some broadcast traffic
Access Control in SMB • “Share Level Access” • Used with FAT16 and FAT32 • Single password for a directory tree • User Level Access • Requires User/Password Authentication • NTFS required to make access file-specific
Security Models • “Workgroup” • relies on share level security or • user/password settings on Windows NT or 2000 workstations • Domain Controller • Windows NT or 2000 server which contains a central user database
Dual Access Control • NTFS-based file sharing checks credentials twice • Share-level permissions • File level access control lists • Non-file objects (e.g. printers) can have share permissions
Security protocols in CIFS • Authentication required for session setup to a server • Plain Text Password (discouraged for obvious reasons) • Challenge-response • Requires a shared secret (password) • May be stored on a separate authentication server