Smb2-protocol: [Smb2-protocol] Re: a first look at SMB2

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Thu, 24 Nov 2005 14:29:33 +0000
I just saw that myself 10 minutes ago.

See packet 464/467, where the client binds to SRVSVC.

Then packets 468/469, that are a request carrying the SRVSVC request, and 469 is a
response that also carries payload, the SRVSVC response.

Now the question is what to call this opcode.

Transaction?

On 11/24/05, Stefan (metze) Metzmacher <metze@xxxxxxxxx> wrote:
> Stefan (metze) Metzmacher wrote:
> > tridge@xxxxxxxxx wrote:
> >> I thought the following might be useful for people interested in the
> >> changes in SMB2 as compared to SMB.
> >> Fewer Commands
> >> --------------
> >>
> >> The number of top level commands has been greatly reduced, and is down
> >> to 18 opcodes. Where SMB had a pile of different ways for doing
> >> something, SMB2 has just one, which is a nice change. The commands
> >> that we have found in SMB2 are
> >>
> >> NEGPROT   0x00
> >> SESSSETUP 0x01
> >> unknown   0x02
> >
> >> mount?    0x0B
> > I saw this directly after a DCERPC bind (which was done with write/read).
> > I assume this is a call that passes data and gets data as a result, so
> > this seems to be the missing call that makes rpc calls faster without
> > the write/read overhead.
>
> btw: that was in ronnie's look_at_the_acl.cap and the netshareenum2.cap
>
> --
> metze
>
> Stefan Metzmacher <metze at samba.org> www.samba.org

Attachment: ronnie_create_a_2000byte_file.cap
Description: Binary data