Linux with pre-RC1 and or RC1

D

David Sherman

How to contact a Linux Distro to Vista?

Normally I would contact a Linux machine by typing in
smb://Ipaddress/sharename.(to vista machine)

I have changed this registry setting on Vista
HKLM\System\CurrentControlSet\Control\LSA\(REG_DWORD)LmCompatibilityLevel
to 2 and try.


However, the Vista machine rejects user name and password.

Any suggestions?

thanks
 
P

Prashanth Prahalad [MSFT]

Can you get a network capture and send it across ? What is the Linux distro
you are using and the smbclient version ?

Can you set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\nolmhash
=[dword] 00000000 on Vista and then see if it works ?

If it doesnt then, can you also check-
What is the value of
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ForceGuest?

Is guest account turned on?

How did you grant access to the share?
 
D

David Sherman

Can you get a network capture and send it across ? What is the Linux distro
you are using and the smbclient version ?
Click to expand...

Ubunto 6.10 LTS
Samba client 3.0.2.2-1
Can you set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\nolmhash
=[dword] 00000000 on Vista and then see if it works ?
Click to expand...

I changed the value from to 0

If it doesnt then, can you also check-
What is the value of
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ForceGuest?
Click to expand...

Value is 0
Is guest account turned on?
Click to expand...

NO, default of 5600 has no guest
How did you grant access to the share?
Click to expand...

Yes


Capture No-- I have tried to use ethereal to capture the information
but it shows nothing. Under fedora core 5, sue 10.1 amd ubunti, I type
in url of share ( like smb://192.168.1.6/transfer) and get an
authorization dialog box that askes me user name and password. I type
that info and the dialog box is returned without the password. Thus
the loop continues.

even if I join a domain, I can't get connected
 
P

Prashanth Prahalad [MSFT]

A capture would be very useful. I'll try to see if I can get to reproduce
the problem with our systems.

Thanks ~
Prashanth

David Sherman said:
Can you get a network capture and send it across ? What is the Linux
distro
you are using and the smbclient version ?
Click to expand...

Ubunto 6.10 LTS
Samba client 3.0.2.2-1
Can you set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\nolmhash
=[dword] 00000000 on Vista and then see if it works ?
Click to expand...

I changed the value from to 0

If it doesnt then, can you also check-
What is the value of
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ForceGuest?
Click to expand...

Value is 0
Is guest account turned on?
Click to expand...

NO, default of 5600 has no guest
How did you grant access to the share?
Click to expand...

Yes


Capture No-- I have tried to use ethereal to capture the information
but it shows nothing. Under fedora core 5, sue 10.1 amd ubunti, I type
in url of share ( like smb://192.168.1.6/transfer) and get an
authorization dialog box that askes me user name and password. I type
that info and the dialog box is returned without the password. Thus
the loop continues.

even if I join a domain, I can't get connected
Click to expand...
 
D

David Sherman

Here is the capture file:

No. "Time" "Source" "Destination" "Protocol"
"Info"
1 "0.000000" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
2 "0.000749" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
3 "0.001054" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70694 opnum: 8 ctx_id: 0"
4 "0.001377" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=0 Ack=2920 Win=65535 Len=0"
5 "0.002111" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
6 "0.002115" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
7 "0.002118" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=3028 Ack=2920 Win=65535 Len=0"
Click to expand...
8 "0.002121" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70694 ctx_id: 0"
9 "0.126744" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=3028 Ack=2980 Win=65475 Len=0"
Click to expand...
10 "6.742005" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
11 "6.742318" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
12 "6.742566" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70695 opnum: 8 ctx_id: 0"
13 "6.742920" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=2980 Ack=5948 Win=65535 Len=0"
14 "6.743136" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
15 "6.743140" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
16 "6.743143" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=6056 Ack=5900 Win=65535 Len=0"
Click to expand...
17 "6.743146" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70695 ctx_id: 0"
18 "6.845244" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=6056 Ack=5960 Win=65475 Len=0"
Click to expand...
19 "8.969661" "Vmware_a6:5a:62" "Broadcast" "ARP"
"Who has 192.168.1.8? Tell 192.168.1.7"
20 "8.970107" "BelkinCo_6e:90:52" "Vmware_a6:5a:62"
"ARP" "192.168.1.8 is at 00:30:bd:6e:90:52"
21 "8.970551" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101246 TSER=0
WS=7"
22 "8.971568" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38492 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390838 TSER=101246"
23 "8.971738" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101248
TSER=34390838"
24 "8.981785" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
25 "8.982126" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
26 "8.982645" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=101250 TSER=34390840"
27 "8.982894" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38492 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34390840
TSER=101250"
28 "8.983430" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101251 TSER=0
WS=7"
29 "8.985180" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38493 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390840 TSER=101251"
30 "8.985350" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101251
TSER=34390840"
31 "9.001553" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
32 "9.001912" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
33 "9.002085" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=101255 TSER=34390843"
34 "9.002309" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38493 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34390843
TSER=101255"
35 "9.002871" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
36 "9.003400" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
37 "9.003911" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101256 TSER=0
WS=7"
38 "9.005527" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38494 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390843 TSER=101256"
39 "9.005575" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101256
TSER=34390843"
40 "9.021528" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
41 "9.021891" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
42 "9.021923" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=101260
TSER=34390846"
43 "9.025664" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
44 "9.026591" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
45 "9.027190" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
46 "9.027657" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
47 "9.035717" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
48 "9.036197" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
49 "9.053418" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
50 "9.053795" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
51 "9.054075" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
52 "9.054504" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
53 "9.093493" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=657 Ack=473 Win=8064 Len=0 TSV=101278
TSER=34390850"
54 "10.117260" "192.168.1.3" "63.208.197.213" "TCP"
"2145 > 32976 [PSH ACK] Seq=0 Ack=0 Win=64742 Len=52"
55 "10.163361" "63.208.197.213" "192.168.1.3" "TCP"
"32976 > 2145 [ACK] Seq=0 Ack=52 Win=6432 Len=0"
56 "13.327584" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
57 "13.327935" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
58 "13.328148" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70696 opnum: 8 ctx_id: 0"
59 "13.328407" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=5960 Ack=8976 Win=65535 Len=0"
60 "13.329141" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
61 "13.329146" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
62 "13.329150" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9084 Ack=8880 Win=65535 Len=0"
Click to expand...
63 "13.329153" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70696 ctx_id: 0"
64 "13.398490" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9084 Ack=8940 Win=65475 Len=0"
Click to expand...
65 "13.471567" "LinksysG_c0:d0:9b" "AsustekC_03:64:c7"
"ARP" "Who has 192.168.1.3? Tell 192.168.1.1"
66 "13.471572" "AsustekC_03:64:c7" "LinksysG_c0:d0:9b"
"ARP" "192.168.1.3 is at 00:11:2f:03:64:c7"
67 "14.605702" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70697 opnum: 69 ctx_id: 0"
68 "14.606790" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70697 ctx_id: 0"
69 "14.608121" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70698 opnum: 26 ctx_id: 0"
70 "14.608691" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70698 ctx_id: 0"
71 "14.610233" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70699 opnum: 29 ctx_id: 0"
72 "14.610834" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70699 ctx_id: 0"
73 "14.723656" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9676 Ack=9260 Win=65155 Len=0"
Click to expand...
74 "16.751179" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103192 TSER=0
WS=7"
75 "16.751707" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38495 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392029 TSER=103192"
76 "16.751714" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103192
TSER=34392029"
77 "16.767903" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
78 "16.768265" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
79 "16.768448" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=103197 TSER=34392033"
80 "16.768699" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38495 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34392033
TSER=103197"
81 "16.768945" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103197 TSER=0
WS=7"
82 "16.771585" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38496 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392033 TSER=103197"
83 "16.771647" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103197
TSER=34392033"
84 "16.787697" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
85 "16.787932" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
86 "16.788122" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=103202 TSER=34392038"
87 "16.788414" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38496 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34392038
TSER=103202"
88 "16.788669" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
89 "16.789007" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
90 "16.789541" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103202 TSER=0
WS=7"
91 "16.791312" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38497 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392039 TSER=103202"
92 "16.791508" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103202
TSER=34392039"
93 "16.807665" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
94 "16.807946" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
95 "16.807979" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=103207
TSER=34392043"
96 "16.808190" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
97 "16.808873" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
98 "16.809175" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
99 "16.809587" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
100 "16.809763" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
101 "16.810122" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
102 "16.810259" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
103 "16.810551" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
104 "16.810667" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
105 "16.810955" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
106 "16.814181" "192.168.1.7" "192.168.1.8" "NBSS"
"Session keep-alive"
107 "16.814533" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
108 "16.814814" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38497 [ACK] Seq=473 Ack=765 Win=65792 Len=0
TSV=34392044 TSER=103208"
109 "16.814817" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
110 "16.815127" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
111 "16.815446" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
112 "16.855578" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=878 Ack=551 Win=8064 Len=0 TSV=103218
TSER=34392044"
113 "19.745935" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
114 "19.746313" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
115 "19.746547" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70700 opnum: 8 ctx_id: 0"
116 "19.747071" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=9260 Ack=12596 Win=65535 Len=0"
117 "19.747586" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
118 "19.747591" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
119 "19.747594" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=12704 Ack=12180 Win=65535 Len=0"
Click to expand...
120 "19.747597" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70700 ctx_id: 0"
121 "19.857047" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=12704 Ack=12240 Win=65475 Len=0"
Click to expand...
122 "26.220394" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
123 "26.220724" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
124 "26.220965" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70701 opnum: 8 ctx_id: 0"
125 "26.221350" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=12240 Ack=15624 Win=65535 Len=0"
126 "26.222160" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
127 "26.222166" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
128 "26.222169" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=15732 Ack=15160 Win=65535 Len=0"
Click to expand...
129 "26.222171" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70701 ctx_id: 0"
130 "26.305337" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=15732 Ack=15220 Win=65475 Len=0"
Click to expand...
131 "27.939477" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105989 TSER=0
WS=7"
132 "27.939943" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38498 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393762 TSER=105989"
133 "27.940070" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105989
TSER=34393762"
134 "27.953084" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
135 "27.954087" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
136 "27.954835" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=105993 TSER=34393766"
137 "27.955099" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38498 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34393766
TSER=105993"
138 "27.955366" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105993 TSER=0
WS=7"
139 "27.956509" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38499 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393766 TSER=105993"
140 "27.956580" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105994
TSER=34393766"
141 "27.958641" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [SYN] Seq=0 Len=0 MSS=1460"
Click to expand...
142 "27.969077" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
143 "27.969399" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
144 "27.969689" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=105997 TSER=34393768"
145 "27.969922" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38499 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34393769
TSER=105997"
146 "27.970076" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
147 "27.970405" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
148 "27.970774" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105997 TSER=0
WS=7"
149 "27.972549" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38500 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393769 TSER=105997"
150 "27.972606" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105998
TSER=34393769"
151 "27.985013" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
152 "27.985316" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
153 "27.985355" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=106001
TSER=34393771"
154 "27.985552" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
155 "27.986211" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
156 "27.986476" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
157 "27.986893" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
158 "27.987047" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
159 "27.987407" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
160 "27.987545" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
161 "27.987843" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
162 "27.987957" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
163 "27.988261" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
164 "27.991385" "192.168.1.7" "192.168.1.8" "NBSS"
"Session keep-alive"
165 "27.991740" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
166 "27.992023" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38500 [ACK] Seq=473 Ack=765 Win=65792 Len=0
TSV=34393771 TSER=106002"
167 "27.992027" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
168 "27.992203" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
169 "27.992444" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
170 "28.000466" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1452"
Click to expand...
171 "28.000471" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [ACK] Seq=1 Ack=1 Win=65535 Len=0"
Click to expand...
172 "28.024509" "192.168.1.3" "68.22.73.140" "HTTP" "GET
/wxpsta/maps/wxp032/radar/d640x480/default.jpeg HTTP/1.0"
173 "28.032916" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=878 Ack=551 Win=8064 Len=0 TSV=106013
TSER=34393771"
174 "28.056920" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [ACK] Seq=1 Ack=239 Win=6432 Len=0"
Click to expand...
175 "28.180479" "68.22.73.140" "192.168.1.3" "HTTP"
"HTTP/1.0 304 Not Modified"
176 "28.180486" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [FIN ACK] Seq=186 Ack=239 Win=6432 Len=0"
Click to expand...
177 "28.180488" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [ACK] Seq=239 Ack=187 Win=65350 Len=0"
Click to expand...
178 "28.192524" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [FIN ACK] Seq=239 Ack=187 Win=65350 Len=0"
Click to expand...
179 "28.208523" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [ACK] Seq=187 Ack=240 Win=6432 Len=0"
Click to expand...
180 "31.680573" "192.168.1.2" "192.168.1.3" "NBSS" "NBSS
Continuation Message"
181 "31.680578" "192.168.1.3" "192.168.1.2" "TCP" "kpop
microsoft-ds [ACK] Seq=0 Ack=1 Win=64705 Len=0"
Click to expand...
182 "32.762474" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
183 "32.762906" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
184 "32.763152" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70702 opnum: 8 ctx_id: 0"
185 "32.763484" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=15220 Ack=18652 Win=65535 Len=0"
186 "32.763802" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
187 "32.763825" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
188 "32.763829" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=18760 Ack=18140 Win=65535 Len=0"
Click to expand...
189 "32.763831" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70702 ctx_id: 0"
190 "32.817856" "192.168.1.3" "192.168.1.8" "NBSS" "NBSS
Continuation Message"
191 "32.818072" "192.168.1.8" "192.168.1.3" "TCP"
"49215 > netbios-ssn [ACK] Seq=0 Ack=1 Win=255 Len=0 SLE=0 SRE=1"
192 "32.888767" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=18760 Ack=18200 Win=65475 Len=0"
Click to expand...
193 "34.052905" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70703 opnum: 69 ctx_id: 0"
194 "34.053838" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70703 ctx_id: 0"
195 "34.053844" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70704 opnum: 26 ctx_id: 0"
196 "34.054091" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70704 ctx_id: 0"
197 "34.054480" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70705 opnum: 29 ctx_id: 0"
198 "34.054958" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70705 ctx_id: 0"
199 "34.189968" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=19352 Ack=18520 Win=65155 Len=0"
Click to expand...
 
D

David Sherman

I tried to use Fedora Core 5.

Ethereal will no even start a trace to the Vista machine.
 
P

Prashanth Prahalad [MSFT]

David,

Looking at frame 49/50 among others, the server is failing with
ERROR_ACCESS_DENIED implying that the server doesnt recognize the user
credentials.
Is the username/password you are using a member of the administrators group
?
Can you try accessing the the vista machine with the administrator cred i.e
try <vistamachine>\administrator and password

Please followup with me offline if you are still experiencing problems.
Thanks,
Prashanth



David Sherman said:
Here is the capture file:

No. "Time" "Source" "Destination" "Protocol"
"Info"
1 "0.000000" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
2 "0.000749" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
3 "0.001054" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70694 opnum: 8 ctx_id: 0"
4 "0.001377" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=0 Ack=2920 Win=65535 Len=0"
5 "0.002111" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
6 "0.002115" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
7 "0.002118" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=3028 Ack=2920 Win=65535 Len=0"
Click to expand...
8 "0.002121" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70694 ctx_id: 0"
9 "0.126744" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=3028 Ack=2980 Win=65475 Len=0"
Click to expand...
10 "6.742005" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
11 "6.742318" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
12 "6.742566" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70695 opnum: 8 ctx_id: 0"
13 "6.742920" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=2980 Ack=5948 Win=65535 Len=0"
14 "6.743136" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
15 "6.743140" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
16 "6.743143" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=6056 Ack=5900 Win=65535 Len=0"
Click to expand...
17 "6.743146" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70695 ctx_id: 0"
18 "6.845244" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=6056 Ack=5960 Win=65475 Len=0"
Click to expand...
19 "8.969661" "Vmware_a6:5a:62" "Broadcast" "ARP"
"Who has 192.168.1.8? Tell 192.168.1.7"
20 "8.970107" "BelkinCo_6e:90:52" "Vmware_a6:5a:62"
"ARP" "192.168.1.8 is at 00:30:bd:6e:90:52"
21 "8.970551" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101246 TSER=0
WS=7"
22 "8.971568" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38492 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390838 TSER=101246"
23 "8.971738" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101248
TSER=34390838"
24 "8.981785" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
25 "8.982126" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
26 "8.982645" "192.168.1.7" "192.168.1.8" "TCP"
"38492 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=101250 TSER=34390840"
27 "8.982894" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38492 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34390840
TSER=101250"
28 "8.983430" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101251 TSER=0
WS=7"
29 "8.985180" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38493 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390840 TSER=101251"
30 "8.985350" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101251
TSER=34390840"
31 "9.001553" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
32 "9.001912" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
33 "9.002085" "192.168.1.7" "192.168.1.8" "TCP"
"38493 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=101255 TSER=34390843"
34 "9.002309" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38493 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34390843
TSER=101255"
35 "9.002871" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
36 "9.003400" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
37 "9.003911" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=101256 TSER=0
WS=7"
38 "9.005527" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38494 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34390843 TSER=101256"
39 "9.005575" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=101256
TSER=34390843"
40 "9.021528" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
41 "9.021891" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
42 "9.021923" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=101260
TSER=34390846"
43 "9.025664" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
44 "9.026591" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
45 "9.027190" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
46 "9.027657" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
47 "9.035717" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
48 "9.036197" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
49 "9.053418" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
50 "9.053795" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
51 "9.054075" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
52 "9.054504" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
53 "9.093493" "192.168.1.7" "192.168.1.8" "TCP"
"38494 > netbios-ssn [ACK] Seq=657 Ack=473 Win=8064 Len=0 TSV=101278
TSER=34390850"
54 "10.117260" "192.168.1.3" "63.208.197.213" "TCP"
"2145 > 32976 [PSH ACK] Seq=0 Ack=0 Win=64742 Len=52"
55 "10.163361" "63.208.197.213" "192.168.1.3" "TCP"
"32976 > 2145 [ACK] Seq=0 Ack=52 Win=6432 Len=0"
56 "13.327584" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
57 "13.327935" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
58 "13.328148" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70696 opnum: 8 ctx_id: 0"
59 "13.328407" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=5960 Ack=8976 Win=65535 Len=0"
60 "13.329141" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
61 "13.329146" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
62 "13.329150" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9084 Ack=8880 Win=65535 Len=0"
Click to expand...
63 "13.329153" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70696 ctx_id: 0"
64 "13.398490" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9084 Ack=8940 Win=65475 Len=0"
Click to expand...
65 "13.471567" "LinksysG_c0:d0:9b" "AsustekC_03:64:c7"
"ARP" "Who has 192.168.1.3? Tell 192.168.1.1"
66 "13.471572" "AsustekC_03:64:c7" "LinksysG_c0:d0:9b"
"ARP" "192.168.1.3 is at 00:11:2f:03:64:c7"
67 "14.605702" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70697 opnum: 69 ctx_id: 0"
68 "14.606790" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70697 ctx_id: 0"
69 "14.608121" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70698 opnum: 26 ctx_id: 0"
70 "14.608691" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70698 ctx_id: 0"
71 "14.610233" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70699 opnum: 29 ctx_id: 0"
72 "14.610834" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70699 ctx_id: 0"
73 "14.723656" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=9676 Ack=9260 Win=65155 Len=0"
Click to expand...
74 "16.751179" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103192 TSER=0
WS=7"
75 "16.751707" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38495 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392029 TSER=103192"
76 "16.751714" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103192
TSER=34392029"
77 "16.767903" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
78 "16.768265" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
79 "16.768448" "192.168.1.7" "192.168.1.8" "TCP"
"38495 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=103197 TSER=34392033"
80 "16.768699" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38495 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34392033
TSER=103197"
81 "16.768945" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103197 TSER=0
WS=7"
82 "16.771585" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38496 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392033 TSER=103197"
83 "16.771647" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103197
TSER=34392033"
84 "16.787697" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
85 "16.787932" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
86 "16.788122" "192.168.1.7" "192.168.1.8" "TCP"
"38496 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=103202 TSER=34392038"
87 "16.788414" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38496 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34392038
TSER=103202"
88 "16.788669" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
89 "16.789007" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
90 "16.789541" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=103202 TSER=0
WS=7"
91 "16.791312" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38497 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34392039 TSER=103202"
92 "16.791508" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=103202
TSER=34392039"
93 "16.807665" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
94 "16.807946" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
95 "16.807979" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=103207
TSER=34392043"
96 "16.808190" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
97 "16.808873" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
98 "16.809175" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
99 "16.809587" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
100 "16.809763" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
101 "16.810122" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
102 "16.810259" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
103 "16.810551" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
104 "16.810667" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
105 "16.810955" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
106 "16.814181" "192.168.1.7" "192.168.1.8" "NBSS"
"Session keep-alive"
107 "16.814533" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
108 "16.814814" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38497 [ACK] Seq=473 Ack=765 Win=65792 Len=0
TSV=34392044 TSER=103208"
109 "16.814817" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
110 "16.815127" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
111 "16.815446" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
112 "16.855578" "192.168.1.7" "192.168.1.8" "TCP"
"38497 > netbios-ssn [ACK] Seq=878 Ack=551 Win=8064 Len=0 TSV=103218
TSER=34392044"
113 "19.745935" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
114 "19.746313" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
115 "19.746547" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70700 opnum: 8 ctx_id: 0"
116 "19.747071" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=9260 Ack=12596 Win=65535 Len=0"
117 "19.747586" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
118 "19.747591" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
119 "19.747594" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=12704 Ack=12180 Win=65535 Len=0"
Click to expand...
120 "19.747597" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70700 ctx_id: 0"
121 "19.857047" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=12704 Ack=12240 Win=65475 Len=0"
Click to expand...
122 "26.220394" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
123 "26.220724" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
124 "26.220965" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70701 opnum: 8 ctx_id: 0"
125 "26.221350" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=12240 Ack=15624 Win=65535 Len=0"
126 "26.222160" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
127 "26.222166" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
128 "26.222169" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=15732 Ack=15160 Win=65535 Len=0"
Click to expand...
129 "26.222171" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70701 ctx_id: 0"
130 "26.305337" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=15732 Ack=15220 Win=65475 Len=0"
Click to expand...
131 "27.939477" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105989 TSER=0
WS=7"
132 "27.939943" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38498 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393762 TSER=105989"
133 "27.940070" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105989
TSER=34393762"
134 "27.953084" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to 192.168.1.8<20> from BOXKNOPIX<00>"
135 "27.954087" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
136 "27.954835" "192.168.1.7" "192.168.1.8" "TCP"
"38498 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=105993 TSER=34393766"
137 "27.955099" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38498 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34393766
TSER=105993"
138 "27.955366" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105993 TSER=0
WS=7"
139 "27.956509" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38499 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393766 TSER=105993"
140 "27.956580" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105994
TSER=34393766"
141 "27.958641" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [SYN] Seq=0 Len=0 MSS=1460"
Click to expand...
142 "27.969077" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to *SMBSERVER<20> from BOXKNOPIX<00>"
143 "27.969399" "192.168.1.8" "192.168.1.7" "NBSS"
"Negative session response Called name not present"
144 "27.969689" "192.168.1.7" "192.168.1.8" "TCP"
"38499 > netbios-ssn [FIN ACK] Seq=73 Ack=7 Win=5888 Len=0
TSV=105997 TSER=34393768"
145 "27.969922" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38499 [ACK] Seq=7 Ack=74 Win=66560 Len=0 TSV=34393769
TSER=105997"
146 "27.970076" "192.168.1.7" "192.168.1.8" "NBNS" "Name
query NBSTAT
*<00><00><00><00><00><00><00><00><00><00><00><00><00><00><00>"
147 "27.970405" "192.168.1.8" "192.168.1.7" "NBNS" "Name
query response NBSTAT"
148 "27.970774" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [SYN] Seq=0 Len=0 MSS=1460 TSV=105997 TSER=0
WS=7"
149 "27.972549" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38500 [SYN ACK] Seq=0 Ack=1 Win=2097152 Len=0
MSS=1460 WS=8 TSV=34393769 TSER=105997"
150 "27.972606" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=105998
TSER=34393769"
151 "27.985013" "192.168.1.7" "192.168.1.8" "NBSS"
"Session request to XPTEST<20> from BOXKNOPIX<00>"
152 "27.985316" "192.168.1.8" "192.168.1.7" "NBSS"
"Positive session response"
153 "27.985355" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=73 Ack=5 Win=5888 Len=0 TSV=106001
TSER=34393771"
154 "27.985552" "192.168.1.7" "192.168.1.8" "SMB"
"Negotiate Protocol Request"
155 "27.986211" "192.168.1.8" "192.168.1.7" "SMB"
"Negotiate Protocol Response"
156 "27.986476" "192.168.1.7" "192.168.1.8" "SMB"
"Session Setup AndX Request User: anonymous"
157 "27.986893" "192.168.1.8" "192.168.1.7" "SMB"
"Session Setup AndX Response"
158 "27.987047" "192.168.1.7" "192.168.1.8" "SMB" "Tree
Connect AndX Request Path: \\192.168.1.8\IPC$"
159 "27.987407" "192.168.1.8" "192.168.1.7" "SMB" "Tree
Connect AndX Response"
160 "27.987545" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
161 "27.987843" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
162 "27.987957" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
163 "27.988261" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
164 "27.991385" "192.168.1.7" "192.168.1.8" "NBSS"
"Session keep-alive"
165 "27.991740" "192.168.1.7" "192.168.1.8" "SMB" "NT
Create AndX Request Path: \srvsvc"
166 "27.992023" "192.168.1.8" "192.168.1.7" "TCP"
"netbios-ssn > 38500 [ACK] Seq=473 Ack=765 Win=65792 Len=0
TSV=34393771 TSER=106002"
167 "27.992027" "192.168.1.8" "192.168.1.7" "SMB" "NT
Create AndX Response Error: STATUS_ACCESS_DENIED"
168 "27.992203" "192.168.1.7" "192.168.1.8" "LANMAN"
"NetShareEnum Request"
169 "27.992444" "192.168.1.8" "192.168.1.7" "SMB"
"Trans Response Error: STATUS_ACCESS_DENIED"
170 "28.000466" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [SYN ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1452"
Click to expand...
171 "28.000471" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [ACK] Seq=1 Ack=1 Win=65535 Len=0"
Click to expand...
172 "28.024509" "192.168.1.3" "68.22.73.140" "HTTP" "GET
/wxpsta/maps/wxp032/radar/d640x480/default.jpeg HTTP/1.0"
173 "28.032916" "192.168.1.7" "192.168.1.8" "TCP"
"38500 > netbios-ssn [ACK] Seq=878 Ack=551 Win=8064 Len=0 TSV=106013
TSER=34393771"
174 "28.056920" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [ACK] Seq=1 Ack=239 Win=6432 Len=0"
Click to expand...
175 "28.180479" "68.22.73.140" "192.168.1.3" "HTTP"
"HTTP/1.0 304 Not Modified"
176 "28.180486" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [FIN ACK] Seq=186 Ack=239 Win=6432 Len=0"
Click to expand...
177 "28.180488" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [ACK] Seq=239 Ack=187 Win=65350 Len=0"
Click to expand...
178 "28.192524" "192.168.1.3" "68.22.73.140" "TCP" "4500
www [FIN ACK] Seq=239 Ack=187 Win=65350 Len=0"
Click to expand...
179 "28.208523" "68.22.73.140" "192.168.1.3" "TCP" "www
4500 [ACK] Seq=187 Ack=240 Win=6432 Len=0"
Click to expand...
180 "31.680573" "192.168.1.2" "192.168.1.3" "NBSS" "NBSS
Continuation Message"
181 "31.680578" "192.168.1.3" "192.168.1.2" "TCP" "kpop
microsoft-ds [ACK] Seq=0 Ack=1 Win=64705 Len=0"
Click to expand...
182 "32.762474" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
183 "32.762906" "192.168.1.3" "192.168.1.2" "TCP" "[TCP
segment of a reassembled PDU]"
184 "32.763152" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70702 opnum: 8 ctx_id: 0"
185 "32.763484" "192.168.1.2" "192.168.1.3" "TCP"
"microsoft-ds > 2207 [ACK] Seq=15220 Ack=18652 Win=65535 Len=0"
186 "32.763802" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
187 "32.763825" "192.168.1.2" "192.168.1.3" "TCP" "[TCP
segment of a reassembled PDU]"
188 "32.763829" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=18760 Ack=18140 Win=65535 Len=0"
Click to expand...
189 "32.763831" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70702 ctx_id: 0"
190 "32.817856" "192.168.1.3" "192.168.1.8" "NBSS" "NBSS
Continuation Message"
191 "32.818072" "192.168.1.8" "192.168.1.3" "TCP"
"49215 > netbios-ssn [ACK] Seq=0 Ack=1 Win=255 Len=0 SLE=0 SRE=1"
192 "32.888767" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=18760 Ack=18200 Win=65475 Len=0"
Click to expand...
193 "34.052905" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70703 opnum: 69 ctx_id: 0"
194 "34.053838" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70703 ctx_id: 0"
195 "34.053844" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70704 opnum: 26 ctx_id: 0"
196 "34.054091" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70704 ctx_id: 0"
197 "34.054480" "192.168.1.3" "192.168.1.2" "DCERPC"
"Request: call_id: 70705 opnum: 29 ctx_id: 0"
198 "34.054958" "192.168.1.2" "192.168.1.3" "DCERPC"
"Response: call_id: 70705 ctx_id: 0"
199 "34.189968" "192.168.1.3" "192.168.1.2" "TCP" "2207
microsoft-ds [ACK] Seq=19352 Ack=18520 Win=65155 Len=0"
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to contact a Linux Distro to Vista? 3
Unable to use any share on linux based equipment 5
Vista Home Premium does not retain network password 5
NetBIOS Security 1
Cannot see access files on NAS Drive 1
Cannot Map Network Drive (After SP1?) 1
Vista Networking with Win98 / Mac / Linux / NAS 1
Accessing other XP machine and NAS from Vista 16

Top