Tuesday, February 24, 2015

Server Message Block (SMB)

Server Message Block (SMB)



In computer networkingServer Message Block (SMB), one version of which was also known as Common Internet File System (CIFS/ˈsɪfs/),[1][2] operates as an application-layer network protocol[3] mainly used for providing shared access to filesprintersserial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows, where it was known as "Microsoft Windows Network" before the subsequent introduction of Active Directory. Corresponding Windows services are LAN Manager Server (for the server component) and LAN Manager Workstation (for the client component).


Features


SMB can run on top of the Session (and lower) network layers in several ways:
The SMB "Inter-Process Communication" (IPC) system provides named pipes and was one of the first inter-process mechanisms commonly available to programmers that provides a means for services to inherit the authentication carried out when a client[clarification needed] first connected to an SMB server.[citation needed]
Some services that operate over named pipes, such as those which use Microsoft's own implementation of DCE/RPC over SMB, known as MSRPC over SMB, also allow MSRPC client programs to perform authentication, which over-rides the authorization provided by the SMB server, but only in the context of the MSRPC client program that successfully makes the additional authentication.
SMB signing: Windows NT 4.0 Service Pack 3 and upwards have the capability to use cryptography to digitally sign SMB connections. The most common official term is "SMB signing". Other terms that have been used officially are "[SMB] Security Signatures", "SMB sequence numbers"[7] and "SMB Message Signing".[8] SMB signing may be configured individually for incoming SMB connections (handled by the "LanManServer" service) and outgoing SMB connections (handled by the "LanManWorkstation" service). The default setting from Windows 98 and upwards is to opportunistically sign outgoing connections whenever the server also supports this. And to fall back to unsigned SMB if both partners allow this. The default setting for Windows domain controllers from Server 2003 and upwards is to not allow fall back for incoming connections.[9] The feature can also be turned on for any server running Windows NT 4.0 Service Pack 3 or later. This protects from man-in-the-middle attacks against the Clients retrieving their policies from domain controllers at login.[10]
The design of Server Message Block version 2 (SMB2) aims[citation needed] to mitigate this performance-limitation by coalescing SMB signals into single packets.
SMB supports opportunistic locking — a special type of locking-mechanism — on files in order to improve performance.
SMB serves as the basis for Microsoft's Distributed File System implementation.

No comments:

Post a Comment