Home |
Last modified: 16-06-2020 |
A bit of information on NetBIOS, mailslots, and named pipes.
Network Basic Input/Output System (NetBIOS) is a network API proposed by IBM in the early 80's. While NetBEUI is intimately related to NetBIOS, NetBIOS is actually protocol-independent, and is available for standard protocols like TCP/IP (under the name of NetBT). Note that NBF is a protocol and NetBEUI an API extension.
Since a PC can have more than one network card, and each card can run more than one protocol at one time, NetBIOS uses LAN Adapter (LANA) numbers, a unique pair of network card and a transport protocol.
Command-line utility to check which NetBIOS names a PC (local or remoted) registered. "nbtstat -n" lists local NetBIOS names.
To let remote hosts communicate with it, a PC must register NetBIOS names on each LANA number. A NetBIOS name is 16 characters long, with the 16th character used to tell NetBIOS what type of resource it is. A name can be unique (must be unique on the network) or group (shared by multiple PC's; used for multicast data transmissions).
From "Network Programming for Microsoft Windows", here are the different unique values that the 16th character can take:
<00> |
Workstation service name. In general, this is the NetBIOS computer name |
|
<03> |
Messenger service name used when receiving and sending messages. This is the name that is registered with the WINS server as the messenger service on the WINS client and is usually added to the computer name and to the name of the user currently logged on to the computer |
|
<1B> |
Domain master browser name. This name identifies the primary domain controller and indicates which clients and other browsers to use to contact the domain master browser |
|
<06> |
Remote Access Service (RAS) server service |
|
<1F> |
Network Dynamic Data Exchange (NetDDE) service |
|
<20> |
Server service name used to provide share points for file sharing |
|
<21> |
RAS client |
|
<BE> |
Network Monitor Agent |
|
<BF> |
Network Monitor utility |
Here are the different group values available:
|
<1C> |
A domain group name that contains a list of the specific addresses of computers that have registered the domain name. The domain controller registers this name. WINS treats this as a domain group: each member of the group must renew its name individually or be released. The domain group is limited to 25 names. When a static 1C name is replicated that clashes with a dynamic 1C name on another WINS server, a union of the members is added, and the record is marked as static. If the record is static, members of the group do not have to renew their IP addresses. |
|
<1D> |
The master browser name used by clients to access the master browser. There is one master browser on a subnet. WINS servers return a positive response to domain name registrations but do not store the domain name in their databases. If a computer sends a domain name query to the WINS server, the WINS server returns a negative response. If the computer that sent the domain name query is configured as h-node or m-node, it will then broadcast the name query to resolve the name. The node type refers to how the client attempts to resolve a name. Clients configured for b-node resolution send broadcast packets to advertise and resolve NetBIOS names. The p-node resolution uses point-to-point communication to a WINS server. The m-node resolution is a mix of b-node and p-node in which b-node is used first and then, if necessary, p-node is used. The last resolution method is h-node, or hybrid node. It always attempts to use p-node registration and resolution first, falling back on b-node only on failure. Windows installations default to h-node. |
|
<1E> |
A normal group name. Browsers can broadcast to this name and listen on it to elect a master browser. These broadcasts are for the local subnet and should not cross routers. |
|
<20> |
An Internet group name. This type of name is registered with WINS servers to identify groups of computers for administrative purposes. For example, printersg could be a registered group name used to identify an administrative group of print servers. |
_MSBROWSE_ |
Instead of a single appended 16th character, _MSBROWSE_ is appended to a domain name and broadcast on the local subnet to announce the domain to other master browsers. |
NetBIOS offers both connection-oriented services and connectionless (datagram) services.
The NetBIOS API only offers a single function, which can be either synchronous or asynchronous:
UCHAR Netbios(PNCB pNCB);
... where nNCB is a pointer to a structure.
Simple one-way IPC mechanism to transmit (especially, broadcast) messages using the SMB protocol. Reliability is not guaranteed since mailsots smaller than 424 bytes are based on a broadcast architecture (for larger messages, NT uses connection-oriented mailslots, which means that messages are one-to-one only). The Messenger service ("net send") uses mailslots.
Mailslots use CreateMailslot() and CreateFile(), and the regular Windows file system functions (ReadFile, WriteFile) to send and receive data, and rely on the Windows redirector to create/identify mailslots using a file system named the Mailslot File System (MSFS).
Mailslots use the following naming format: \\server\Mailslot\[path]name
Connection-oriented alternative to Mailslots. Designed around the Windows file system using the Named Pipe File System (NPFS) interface, which, like mailslots, relies on the MSNP redirector. Note that a named pipe server application can operate only on the Windows NT platform. Unlike mailslots, named pipes rely on Windows NT platform security features to control access when clients attempt to form communication to a server.
Named pipes are identified using the following UNC format: \\server\Pipe\[path]name
Declare Function Netbios Lib "netapi32.dll" Alias "Netbios" (pncb As NCB) As Byte
From Wikipedia "SMB, an upper layer, is a service that runs on top of the Session Service and the Datagram service, and is not to be confused as a necessary and integral part of NetBIOS itself. It can now run atop TCP with a small adaptation layer that adds a packet length to each SMB message; this is necessary because TCP only provides a byte-stream service with no notion of packet boundaries."