Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
-
Home
-
Forums
-
Software
-
MIS/IT
-
Management Tools
-
Network General: Sniffer
You should upgrade or use an alternative browser.
Microsoft Windows Browser Protocol?
-
Thread starterporress
-
Start date
- Status
- Not open for further replies.
-
#2
— host announcements
— browser elections
— and so no…. in your sniffer trace file
If you have a domain in native windows2000/2003 mode, it is not present and replaced by AD and DNS
if you need more technical info, let me know and i will post it for you,
regards,
Robert
Robert A.H. Wullems
Sniffer University Instructor
SCP/SCE/SCM/CNX/MSCA
- Status
- Not open for further replies.
Similar threads
-
Home
-
Forums
-
Software
-
MIS/IT
-
Management Tools
-
Network General: Sniffer
-
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Harry Potter
-
-
#1
Hi Guys,
I need to understand how does the browser exactly works in details and its
protocol…. For example I realized that the text request go through a
different layer of TCP than when the browser actually request for the
picture/image part of the browser
e.g. I have two different type of TCP layer on my computer one is MSAFD and
the other is RSVP TCP service provider… when I type http://192.168.0.1 in
my browser the first GET request goes through the MSAFD TCP and the 2nd get
request for image goes through the RSVP TCP??? so these are the kind of
things I like to understand…
Also when I first run the browser I see it send request through the network
I think sort of DNS finding so I like to understand these details to be able
to develop my layer to interface with all these request… where can I find
this information? do you know about it? I saw on my Ethereal «Microsoft
Browser Protocol» and I think that’s what I need but I searched the web and
couldn’t find much??? is this the protocol deciding upon all the
transactions between the browser and OS??
I would greatly appreciate all the feedbacks and advise you can provide me
with…
thank you all in advice.
-
-
#2
Harry Potter said:
Hi Guys,
I need to understand how does the browser exactly works in details
and its protocol…. For example I realized that the text request go
through a different layer of TCP than when the browser actually
request for the picture/image part of the browser
e.g. I have two different type of TCP layer on my computer one is
MSAFD and the other is RSVP TCP service provider… when I type
http://192.168.0.1 in my browser the first GET request goes through
the MSAFD TCP and the 2nd get request for image goes through the RSVP
TCP??? so these are the kind of things I like to understand…
Also when I first run the browser I see it send request through the
network I think sort of DNS finding so I like to understand these
details to be able to develop my layer to interface with all these
request… where can I find this information? do you know about it? I
saw on my Ethereal «Microsoft Browser Protocol» and I think that’s
what I need but I searched the web and couldn’t find much??? is this
the protocol deciding upon all the transactions between the browser
and OS??I would greatly appreciate all the feedbacks and advise you can
provide me with…thank you all in advice.
Microsoft Browser protocol and the working of Browser are two different
things.
If you want to know what happens when you request a web page, you need to
know
HTTP protocol. Google is your friend.
Harry Potter
-
-
#3
no, I think I need to underestand the microsoft browser protocol…
I think I know HTTP…. protocol what I need to underestand that as an
application (IE) how interacts with the lower layer components… as far as
HTTP concerns it is just interact with the browser and the winsock for the
TCP calls and that’s it…. but I need to underestand how does the IE
interacts…
thank you
Madhur Ahuja said:
Harry Potter said:
Hi Guys,
I need to understand how does the browser exactly works in details
and its protocol…. For example I realized that the text request go
through a different layer of TCP than when the browser actually
request for the picture/image part of the browser
e.g. I have two different type of TCP layer on my computer one is
MSAFD and the other is RSVP TP service provider… when I type
http://192.168.0.1 in my browser the first GET request goes through
the MSAFD TCP and the 2nd get request for image goes through the RSVP
TCP??? so these are the kind of things I like to understand…
Also when I first run the browser I see it send request through the
network I think sort of DNS finding so I like to understand these
details to be able to develop my layer to interface with all these
request… where can I find this information? do you know about it? I
saw on my Ethereal «Microsoft Browser Protocol» and I think that’s
what I need but I searched the web and couldn’t find much??? is this
the protocol deciding upon all the transactions between the browser
and OS??I would greatly appreciate all the feedbacks and advise you can
provide me with…thank you all in advice.
Microsoft Browser protocol and the working of Browser are two different
things.
If you want to know what happens when you request a web page, you need to
know
HTTP protocol. Google is your friend.—
Madhur Ahuja [madhur<underscore>ahuja<at>yahoo<dot>com]Homepage
http://madhur.netfirms.com
A security researcher has released proof-of-concept code for an unpatched security vulnerability affecting all versions of Windows, prompting a warning from Microsoft that remote code execution attacks are theoretically possible.
Details on the vulnerability were released on the Full Disclosure mailing list earlier this week and Microsoft followed up with two separate blog posts discussing the ramifications of the problem and suggesting workarounds until a patch can be created and released.
According to Microsoft’s Mark Wodrich, the vulnerability was identified in the BROWSER protocol and although all versions of Windows are vulnerable, the issue is more likely to affect server systems running as the Primary Domain Controller (PDC).
«In environments following best practices, the BROWSER protocol should be blocked at the edge firewalls thus limiting attacks to the local network,» Wodrich said.
Wodrich provided technical confirmation of the buffer overrun vulnerability and explained that a malformed BROWSER message would cause the Master Browser to hit a portion of vulnerable code to trigger the vulnerability.
He warned that remote code execution (highest severity) may be possible in certain circumstances.
«While [remote code execution] is theoretically possible, we feel it is not likely in practice,» Wodrich said, noting that a more risk attack scenario would be denial-of-service attacks.
Microsoft has not yet issued a formal security advisory with mitigation guidance or workarounds.
Editorial standards
The Computer Browser (Browser) service maintains an up-to-date list of computers on your network, and it supplies the list to programs that request it. The Computer Browser service is used by Windows-based computers that must view network domains and resources. Computers that are designated as browsers maintain browse lists, which contain all shared resources that are used on the network.
There are several roles that a computer might perform in a browsing environment. Under some conditions, such as failure or shutdown of a computer that is designated for a specific browser role, browsers or potential browsers may change to a different operational role.
On Windows 7-based computers, the Computer Browser service is installed by default and its startup type is Manual. On computers running Windows Server 2008 R2, it is disabled. When the Computer Browser service is started in its default configuration, it logs on by using the Local System account. If it stops, the browser list is not updated or maintained.
The Computer Browser service is dependent upon the following system components:
- Server
- Security Accounts Manager
- Remote Procedure Call (RPC)
- DCOM Server Process Launcher
- RPC Endpoint Mapper
- Server SMB 1.xxx Driver
- Server SMB 2.xxx Driver
- srvnet
- Workstation
- Browser Support Driver
- Network Store Interface Service
- NSI proxy service driver
- SMB 1.x MiniRedirector
- SMB 2.0 MiniRedirector
- SMB MiniRedirector Wrapper and Engine
- Redirected Buffering Sub System
- Mup
The following table identifies the application protocol, network protocols, and ports used by the Computer Browser service:
| Application protocol | Network protocol | Ports |
|---|---|---|
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Name Resolution | UDP | 137 |
| NetBIOS Session Service | TCP | 139 |