Course Name
SMB – Server Message Block Protocol Training
Course Overview
This course on SMB Server Message Block Protocol training is designed for people who work on development, testing and verification of SMB protocol. Participants will learn the internals of SMB protocol that helps them with a much better understanding of their current SMB work.
Target Audience
- Professionals and Students who are working in Storage/Networking/IT Domain
- Developers, Testers/QA and Verification Engineers who are working on or keen to know Server Message Block Protocol
Fee, Schedule & Registration
Click Here for SMB – Server Message Block Protocol Training course, training schedule, fee and registration information.
SMB – Server Message Block Protocol Training Course Outline
Introduction Summary of features – File and printer access – File and record locking – Safe caching, read-ahead, and write-behind – File change notification – Protocol version negotiation – Extended attributes – Distributed replicated virtual volumes – Server name resolution via DNS – Batched requests |
Protocol Operation Overview Server Name Determination Server Name Resolution SAMPLE MESSAGE FLOW MESSAGE FORMAT SMB PROTOCOL DIALECT NEGOTIATION Message Transport – Reliable Connection Oriented Transports – Connectionless Transports OPPORTUNISTIC LOCKS – Exclusive Oplocks – Batch Oplocks – Level II Oplocks Security Model Resource Share/Access Example Authentication – Pre NT LM 0.12 – NT LM 0.12 DISTRIBUTED FILESYSTEM (DFS) SUPPORT |
SMB Messages and Formats SMB HEADER – Flags2 Field – Tid Field – Pid Field – Mid Field – Status Field – Timeouts – Data Buffer (BUFFER) and String Formats FILE NAMES WILDCARDS DFS PATHNAMES TIME AND DATE ENCODING ACCESS MODE ENCODING FILE ATTRIBUTE ENCODING “ANDX” SMB MESSAGES SMB MESSAGES – Valid SMB Messages by Negotiated Dialect – NEGOTIATE: Negotiate Protocol – SESSION_SETUP_ANDX: Session Setup And X – LOGOFF_ANDX: User Logoff And X – TREE_CONNECT: Tree Connect – TREE_CONNECT_ANDX: Tree Connect And X – TREE_DISCONNECT: Tree Disconnect – CREATE_DIRECTORY: Create Directory – DELETE_DIRECTORY: Delete Directory – CHECK_DIRECTORY: Check Directory – OPEN: Open File – CREATE: Create File – CLOSE: Close File – FLUSH: Flush File – DELETE: Delete File – RENAME: Rename File – QUERY_INFORMATION: Get File Attributes – SET_INFORMATION: Set File Attributes – READ: Read File – WRITE: Write Bytes – LOCK_BYTE_RANGE: Lock Bytes – UNLOCK_BYTE_RANGE: Unlock Bytes – CREATE_TEMPORARY: Create Temporary File – CREATE_NEW: Create File – PROCESS_EXIT: Process Exit – SEEK: Seek in File – SMB_QUERY_INFORMATION_DISK: Get Disk Attributes – SEARCH: Search Directory – OPEN_PRINT_FILE: Create Print Spool file – WRITE_PRINT_FILE: Write to Print File – CLOSE_PRINT_FILE: Close and Spool Print Job – GET_PRINT_QUEUE: Get Printer Queue Entries – LOCK_AND_READ: Lock and Read Bytes – WRITE_AND_UNLOCK: Write Bytes and Unlock Range – READ_RAW: Read Raw – READ_MPX: Read Block Multiplex – WRITE_RAW: Write Raw Bytes – WRITE_MPX: Write Block Multiplex – SET_INFORMATION2: Set File Information – QUERY_INFORMATION2: Get File Information – LOCKING_ANDX: Lock or UnLock Bytes – MOVE: Rename File – COPY: Copy File – ECHO: Ping the Server – OPEN_ANDX: Open File And X – NT_CREATE_ANDX: Create File – READ_ANDX: Read Data – WRITE_ANDX: Write Bytes to file or resource – TRANSACTIONS – NT_CANCEL: Cancel request – FIND_CLOSE2: Close Search |
SMB Command Codes |
Error Codes and Classes |
Security Considerations Share level protection Plaintext Password Authentication LANMAN 2.1 (and earlier) Challenge/Response – Known Plaintext Attacks – Small Key Space – Chosen Plaintext Attacks – Dictionary Attacks – Badly Chosen Passwords NT LM 0.12 Challenge/Response Other attacks – Hijack connections – Downgrade attack – Spoofing by Counterfeit Servers – Storing Passwords Safely |