CHAPTER 8

Microsoft-Related Protocols

The proliferation of networked Microsoft operating systems has created the need for the understanding of an entirely new set of protocols. Although these protocols are not necessarily specific to Microsoft, their use at such a deep level warrants their inclusion here as relating to Microsoft and its systems. I have included the protocols DHCP, NetBIOS, and SMB in this chapter because they make up the core upper-layer protocols used in Microsoft environments. A good understanding of their operation gives analysts another level of depth in their ability to troubleshoot Microsoft-specific problems.

Dynamic Host Configuration Protocol

The Dynamic Host Configuration Protocol (DHCP) provides dynamic configuration information to hosts running the Internet Protocol. DHCP is based on a client/server model whereby a client requests and receives configuration information from a server, which allows it to operate properly over the IP network. DHCP is specified in RFC 2131, as well as several other RFCs that detail certain options and extensions for the DHCP protocol. By providing dynamic configuration of IP addresses and other parameters, DHCP reduces the time it would normally take an administrator to manually configure a host with this information. With DHCP, workstations can be simply kickstarted on an IP network by selecting the DHCP option in a workstation's IP configuration. DHCP also has the ability to provide optional configuration parameters such ...