Re: [fw-wiz] RE: Help w/ Port 137 Traffic

From: Richard Sharpe (rsharpeat_private)
Date: Mon Oct 14 2002 - 13:11:11 PDT


    On Mon, 14 Oct 2002, Mikael Olsson wrote:
    
    > 
    > 
    > Bill Royds wrote:
    > > 
    > > The netbios Name query/response packets are in the same format as DNS 
    > > query/response packets, just on port 137 instead of 53
    > 
    > *ding*
    > 
    > They're not even remotely related.
    > 
    > Do a dump of a netbios name query and you'll see a string like
    > "IJDFYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
    > where each letter is one nibble (4 bits), plus 'A' (which means
    > that each "AA" pair is in fact a representation of NUL.)
    > 
    > Do a dump of a DNS query and you'll see a string like
    > "www.bustyvixens.com" umm .. ^H^H^H^H^H^H^H^H^H^H^H^Hmicrosoft.com"
    
    Hmmm, I don't want to make a lot of game-show-like noises, but there are 
    similarities between DNS requests and NetBIOS name requests; however, the 
    RFC1001/RFC1002 people did choose a really weird encoding for names.
    
    For more information on NetBIOS name requests, I would suggest that you 
    look at the excellent documentation at ubiqx.org/cifs.
    
    Regards
    -----
    Richard Sharpe, rsharpeat_private, rsharpeat_private, 
    sharpeat_private, http://www.richardsharpe.com
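
Added example, not part of the original message: a Python sketch of the nibble-plus-'A' name encoding discussed in this thread, together with a parser showing that the encoded name still travels as a DNS-style length-prefixed label. The function names and the sample packet bytes are constructed for illustration.

```python
A = ord("A")
NAME_LEN = 16  # 15 name bytes plus one suffix (service type) byte


def nb_encode(name, suffix=0x00, pad=b" "):
    """First-level encode: each byte -> two letters, one per nibble, plus 'A'."""
    raw = name.upper().encode("ascii")
    if len(raw) > NAME_LEN - 1:
        raise ValueError("NetBIOS names hold at most 15 bytes")
    raw = raw.ljust(NAME_LEN - 1, pad) + bytes([suffix])
    return bytes(A + n for b in raw for n in (b >> 4, b & 0x0F))


def nb_decode(encoded):
    """Reverse the encoding; reject anything that is not 32 letters in A..P."""
    if len(encoded) != 2 * NAME_LEN:
        raise ValueError("encoded name must be 32 bytes")
    nib = [c - A for c in encoded]
    if any(not 0 <= n <= 15 for n in nib):
        raise ValueError("letter outside A..P")
    return bytes((hi << 4) | lo for hi, lo in zip(nib[0::2], nib[1::2]))


def parse_wire_name(buf):
    """Walk DNS-style length-prefixed labels, then decode the first label.

    Returns (name, suffix, scope_labels)."""
    labels, pos = [], 0
    while True:
        if pos >= len(buf):
            raise ValueError("truncated name")
        n = buf[pos]
        pos += 1
        if n == 0:          # root label ends the name, as in DNS
            break
        if n > 63 or pos + n > len(buf):
            raise ValueError("bad label length")
        labels.append(buf[pos:pos + n])
        pos += n
    if not labels:
        raise ValueError("empty name")
    raw = nb_decode(labels[0])
    name = raw[:15].rstrip(b" \x00").decode("latin-1")
    return name, raw[15], [l.decode("ascii") for l in labels[1:]]


# Constructed sample: the wildcard name "*" padded with NULs, as a wire label.
WILDCARD = nb_encode("*", pad=b"\x00")
SAMPLE_WIRE = bytes([len(WILDCARD)]) + WILDCARD + b"\x00"

if __name__ == "__main__":
    print(WILDCARD.decode(), parse_wire_name(SAMPLE_WIRE))
```
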
    
    



    This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 12:01:22 PDT