How does Windows file sharing actually work?

1

I know that when communicating over HTTP, the source needs to be downloaded first in order to be viewed in the browser. But what mechanism is actually at play when using Windows file sharing (both when sharing through a network router and when sharing directly, for example over a LAN cable from PC-1 to PC-2)?

  1. Is a request sent to the server, which then starts transmitting data on a given port to be received by the client?
  2. Does the client access the server's drive like a conventional drive, read the data and copy it to its own drive?
    1. Does the server copy the file to the client's hard disk?
by Kraken 03.09.2016 / 23:07

1 answer

2

How does Windows file sharing actually work?

Microsoft SMB Protocol Authentication

The security model used in Microsoft SMB Protocol is identical to the one used by other variants of SMB, and consists of two levels of security—user and share. A share is a file, directory, or printer that can be accessed by Microsoft SMB Protocol clients.

User-level authentication indicates that the client attempting to access a share on a server must provide a user name and password. When authenticated, the user can then access all shares on a server not also protected by share-level security. This security level allows system administrators to specifically determine which users and groups can access a share.

Share-level authentication indicates that access to a share is controlled by a password assigned to that share only. Unlike user-level security, this security level does not require a user name for authentication and no user identity is established.

Under both of these security levels, the password is encrypted before it is sent to the server. NTLM and the older LAN Manager (LM) encryption are supported by Microsoft SMB Protocol. Both encryption methods use challenge-response authentication, where the server sends the client a random string and the client returns a computed response string that proves the client has sufficient credentials for access.

source

Microsoft SMB Protocol and CIFS Protocol Overview

The Server Message Block (SMB) Protocol is a network file sharing protocol, and as implemented in Microsoft Windows is known as Microsoft SMB Protocol. The set of message packets that defines a particular version of the protocol is called a dialect. The Common Internet File System (CIFS) Protocol is a dialect of SMB. Both SMB and CIFS are also available on VMS, several versions of Unix, and other operating systems.

The technical reference to CIFS is available from Microsoft Corporation at Common Internet File System (CIFS) File Access Protocol.

Although its main purpose is file sharing, additional Microsoft SMB Protocol functionality includes the following:

  • Dialect negotiation
  • Determining other Microsoft SMB Protocol servers on the network, or network browsing
  • Printing over a network
  • File, directory, and share access authentication
  • File and record locking
  • File and directory change notification
  • Extended file attribute handling
  • Unicode support
  • Opportunistic locks

In the OSI networking model, Microsoft SMB Protocol is most often used as an Application layer or a Presentation layer protocol, and it relies on lower-level protocols for transport. The transport layer protocol that Microsoft SMB Protocol is most often used with is NetBIOS over TCP/IP (NBT). However, Microsoft SMB Protocol can also be used without a separate transport protocol—the Microsoft SMB Protocol/NBT combination is generally used for backward compatibility.

The Microsoft SMB Protocol is a client-server implementation and consists of a set of data packets, each containing a request sent by the client or a response sent by the server. These packets can be broadly classified as follows:

  • Session control packets—Establishes and discontinues a connection to shared server resources.
  • File access packets—Accesses and manipulates files and directories on the remote server.
  • General message packets—Sends data to print queues, mailslots, and named pipes, and provides data about the status of print queues.

Some message packets may be grouped and sent in one transmission to reduce response latency and increase network bandwidth. This is called "batching." The Microsoft SMB Protocol Packet Exchange Scenario section describes an example of a Microsoft SMB Protocol session that uses packet batching.


Topic: Microsoft SMB Protocol Dialects

  • Description: To establish a connection between a client and a server using Microsoft SMB Protocol, you must first determine the dialect with the highest level of functionality that both the client and server support.

Topic: Microsoft SMB Protocol Authentication

  • Description: The security model used in Microsoft SMB Protocol is identical to the one used by other variants of SMB, and consists of two levels of security—user and share. A share is a file, directory, or printer that can be accessed by Microsoft SMB Protocol clients.

Topic: Microsoft SMB Protocol Packet Exchange Scenario

  • Description: Example of a Microsoft SMB Protocol packet exchange between a client and a server.

source

Comment clarification

'File access packets - accesses and manipulates files and directories on the remote server.' How does this happen? Where is the response packet to provide the requested data to the client? Kraken

Each packet is typically a basic request of some kind, such as open file, close file, or read file. The server then receives the packet, checks to see if the request is legal, verifies the client has the appropriate file permissions, and finally executes the request and returns a response packet to the client. The client then parses the response packet and can determine whether or not the initial request was successful.

source

Further resources

A diagram and an explanation of the authentication aspects involved in establishing a client-server session with the protocol.

Read more details about SMB.

by 03.09.2016 / 23:20
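The dialect negotiation and request/response model described in the answer above, as an added example that is not part of the original post or of the quoted Microsoft documentation: it builds a constructed SMB1 SMB_COM_NEGOTIATE request with its 4-byte length prefix, parses it the way a server would, and picks the most capable dialect both sides support. The function names, the client's offered list and the server's preference order are assumptions made for illustration.

```python
import struct

SMB1_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72
HEADER_LEN = 32  # fixed size of the SMB1 header

# Assumed server support list, ordered from least to most functionality.
SERVER_DIALECTS = ["PC NETWORK PROGRAM 1.0", "LANMAN1.0", "LM1.2X002", "NT LM 0.12"]
# Constructed client offer (sample input, not captured traffic).
CLIENT_OFFER = ["PC NETWORK PROGRAM 1.0", "LANMAN1.0", "NT LM 0.12", "SMB 2.002"]

def build_negotiate_request(dialects):
    """Client side: negotiate request carrying the dialect strings it can speak."""
    header = SMB1_MAGIC + bytes([SMB_COM_NEGOTIATE]) + b"\x00" * (HEADER_LEN - 5)
    data = b"".join(b"\x02" + d.encode("ascii") + b"\x00" for d in dialects)
    body = header + b"\x00" + struct.pack("<H", len(data)) + data  # WordCount=0, ByteCount
    return b"\x00" + len(body).to_bytes(3, "big") + body  # session-message framing

def parse_negotiate_request(frame):
    """Server side: check that the request is well formed, return offered dialects in order."""
    length = int.from_bytes(frame[1:4], "big")
    msg = frame[4:4 + length]
    if len(frame) < 4 or frame[0] != 0 or len(msg) != length or length < HEADER_LEN + 3:
        raise ValueError("bad or truncated frame")
    if msg[:4] != SMB1_MAGIC or msg[4] != SMB_COM_NEGOTIATE or msg[HEADER_LEN] != 0:
        raise ValueError("not an SMB1 negotiate request")
    (byte_count,) = struct.unpack_from("<H", msg, HEADER_LEN + 1)
    data = msg[HEADER_LEN + 3:]
    if len(data) != byte_count:
        raise ValueError("ByteCount does not match message size")
    dialects, pos = [], 0
    while pos < len(data):
        end = data.find(b"\x00", pos + 1)
        if data[pos] != 0x02 or end == -1:  # each entry: 0x02 + NUL-terminated string
            raise ValueError("malformed dialect entry")
        dialects.append(data[pos + 1:end].decode("ascii"))
        pos = end + 1
    return dialects

def select_dialect(offered, supported=SERVER_DIALECTS):
    """Return (index in the client's list, name) of the best common dialect.
    The response carries only the index; 0xFFFF means no offered dialect is acceptable."""
    common = [(supported.index(d), i, d) for i, d in enumerate(offered) if d in supported]
    if not common:
        return 0xFFFF, None
    _, idx, name = max(common)
    return idx, name

if __name__ == "__main__":
    offered = parse_negotiate_request(build_negotiate_request(CLIENT_OFFER))
    print(offered, "->", select_dialect(offered))
```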