Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-users: Re: [Ethereal-users] Re: SMB protocol Spec.

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Thu, 10 Apr 2003 13:52:03 -0700
On Thu, Apr 10, 2003 at 01:13:50PM -0700, Ali Hasan wrote:
> I am a user of your Ethereal for qiute awhile and I was wondering how
> could you get the specification about the SMB protocol

Here are some URLs from the Ethereal source for the dissector for SMB
and protocols running atop SMB.

Some of them might refer you to books you have to buy.  Some of them
might no longer work.

http://www.samba.org/samba/ftp/specs/brow_rev.txt
ftp://ftp.microsoft.com/developr/drg/CIFS/cifsrap2.txt
ftp://ftp.microsoft.com/developr/drg/CIFS/
http://www.snia.org/English/Collaterals/Work_Group_Docs/NAS/CIFS/CIFS_Technical_Reference.pdf
ftp://ftp.microsoft.com/developr/drg/CIFS/draft-leach-cifs-v1-spec-01.txt
http://www.opengroup.org/products/publications/catalog/c209.htm
http://www.opengroup.org/products/publications/catalog/c195.htm
http://www.samba.org/samba/ftp/specs/smb-nt01.doc
http://www.samba.org/samba/ftp/specs/
ftp://ftp.microsoft.com/developr/drg/CIFS/dosextp.txt
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/windows_2000_windows_nt_access_mask_format.asp
http://www.unicode.org/unicode/onlinedat/countries.html
http://www.wildpackets.com/elements/SMB_NT_Status_Codes.txt
http://www.samba.org/samba/ftp/specs/smbpub.txt

> and the underlining protocols.

If by "underlining" (or "underlying"), you mean the protocols atop which
SMB runs, then see:

	http://www.s390.ibm.com/bookmgr-cgi/bookmgr.cmd/BOOKS/BK8P7001/CCONTENTS

	http://ourworld.compuserve.com/homepages/TimothyDEvans/contents.htm

for information on the low-level NetBIOS-over-a-LAN protocol, and:

	http://www.protocols.com/pbook/novel.htm#NetBIOS
	http://www.microsoft.com/technet/network/ipxrout.asp
	http://ourworld.compuserve.com/homepages/TimothyDEvans/encap.htm
	http://support.microsoft.com/support/kb/articles/q203/0/51.asp
	http://support.microsoft.com/support/kb/articles/q203/0/51.asp
	ftp://ftp.microsoft.com/developr/drg/CIFS/smbpub.zip
	http://www.samba.org/samba/ftp/specs/smbpub.txt

for various bits of information on NetBIOS-over-IPX/SMB-over-IPX, and

	http://www.ietf.org/rfc/rfc1001.txt?number=1001
	http://www.ietf.org/rfc/rfc1002.txt?number=1002

for NetBIOS-over-TCP.  (Some of those URLs might no longer work, or
might not contain much useful information.)

Note also that some of the stuff done by those dissectors was determined
by reverse-engineering the protocols rather than by finding the
information in a protocol specification.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube