|
NetBIOS is an acronym for Network Basic Input/Output System. The NetBIOS API allows applications on separate computers to communicate over a local area network. It provides services related to the session layer of the OSI model. NetBIOS name Each computer running Windows has a NetBIOS name; you can view/change it on the identification tab in Control Panel -> Network. Various services & client tools, including Network Neighborhood and NET USE, use NetBIOS names. The NetBIOS name is specified when Windows networking is installed/configured. In order to connect to a computer running TCP/IP via its NetBIOS name, the name must be resolved to an IP Address (the NetBIOS name-IP address resolution is often done by WINS - NetBIOS Name Server). A computer's NetBIOS name is often the same as that computer's host name (see below), but it doesn't have to be. Host name A Windows machine's NetBIOS name is not to be confused with the computer's host name. Each computer running TCP/IP (whether it's a Windows machine or not) has a host name (also sometimes called a machine name). You can view/change it on the DNS tab in Control Panel -> Network -> TCP/IP -> Properties Host names are used by applications such as telnet, ftp, web browsers, etc. In order to connect to a computer running the TCP/IP protocol using its HOST name, the host name must be resolved into an IP Address (the host name or FQDN (Fully Qualified Domain Name)-IP address resolution is typically done by something called DNS - Domain Name System/Service). Changing a computer's Host name does not change its NetBIOS name.
History NetBIOS was developed by Sytek Inc. for IBM 's PC-Network in 1983. The interface was designed for small networks; PC-Network only supported up to 80 devices in its baseband form. Since the interface was only originally published through a technical reference book from IBM, the protocol's API became a de facto standard. In 1985, IBM went forward with the Token-Ring network scheme and a NetBIOS emulator was produced to allow PC-Network applications to work over this new design, using the NetBEUI protocol to provide the NetBIOS services over the IEEE 802.2 Logical Link Control layer. With Novell's release of Advanced Novell NetWare 2.0 in 1986, NetBIOS was reconfigured to be encapsulated in the IPX/SPX protocol. After the PS/2 computer hit the market in 1987 IBM was finally prompted to release the PC LAN Support Program, which included a driver for NetBIOS. At the same time, they also developed a method of encapsulating NetBIOS in a TCP packet (NBT) and released RFC 1001 - "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and methods" and RFC 1002 - "Protocol standard for a NetBIOS service on a TCP/UDP transport: Detailed specifications". Services NetBIOS provides three distinct services: (Note: SMB, an upper layer, is a service that runs on top of the Session Service and the Datagram service, and is not to be confused as a necessary and integral part of NetBIOS itself. It can now run atop TCP with a small adaptation layer that adds a packet length to each SMB message; this is necessary because TCP only provides a byte-stream service with no notion of packet boundaries.) Name service In order to start Sessions or distribute Datagrams, an application must register its NetBIOS name using the Name service. NetBIOS names are 16 bytes in length and vary based on the particular implementation. Frequently, the 16th byte is used to designate a "type" similar to the use of ports in TCP/IP. In NBT, the name service operates on UDP port 137 (TCP port 137 can also be used, but it is rarely if ever used). The name service primitives offered by NetBIOS are: Session service Session mode lets two computers establish a connection for a "conversation," allows larger messages to be handled, and provides error detection and recovery. In NBT, the session service runs on TCP port 139. The session service primitives offered by NetBIOS are: In the original protocol used to implement NetBIOS services on PC-Network, to establish a session, the computer establishing the session sends an Open request which is responded to by an Open acknowledgment. The computer that started the session will then send a Session Request packet which will prompt either a Session Accept or Session Reject packet. Data is transmitted during an established session by data packets which are responded to with either acknowledgment packets (ACK) or negative acknowledgment packets (NACK). Since NetBIOS is handling the error recovery, NACK packets will prompt retransmission of the data packet. Sessions are closed by the non-initiating computer by sending a close request. The computer that started the session will reply with a close response which prompts the final session closed packet. Datagram distribution service Datagram mode is "connectionless". Since each message is sent independently, they must be smaller; the application becomes responsible for error detection and recovery. In NBT, the datagram service runs on UDP port 138. The datagram service primitives offered by NetBIOS are: Exploits Since NetBIOS must be enabled for Windows File and Print Sharing, many basic exploits test to see if NetBIOS is enabled or test ports 136-139 for access. If these ports are unblocked, any shared directories on the computer will be accessible to the Internet. See also | ||||||||
|
| |||||||||
 |
|
| |