Mewbyte - InfoSec Blog

SMB: Stands for Server Message Block, once known as Common Internet File System, is a communication protocol for providing shared access between systems on a network. At a high level, it is a set of rules adopted to share files, printers in a network. NetBIOS: Acronym for Network Basic Input/Output System, is a program that provides services on the session layer of the OSI model allowing applications to talk to each other within a LAN. Port 445: Used for file sharing over the network by windows. Microsoft made a change to run SMB over port 445 from Windows 2000. Port 445 is used by Microsoft directory services, known as Microsoft-DS. Port 445 is used by both TCP and UDP protocols for several Microsoft services. Microsoft active directory and domain services use this port for file replication, user and computer authentication, group policy and trusts. Most likely traffic on these ports relates to SMB, CIFS, SMB2, DFSN, LSARPC, NbtSS, NetLogonR, SamR and SrvSvc protocols and services. Po...

  LDAP (Lightweight Directory Access Protocol) is a software  protocol  for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network -- whether on the public Internet or on a corporate Intranet. LDAP is a "lightweight" (smaller amount of code) version of Directory Access Protocol (DAP), which is part of X.500, a standard for  directory  services in a network.  A directory tells the user where in the network something is located. On TCP/IP networks (including the internet), the domain name system (DNS) is the directory system used to relate the domain name to a specific network address (a unique location on the network). However, the user may not know the domain name. LDAP allows a user to search for an individual without knowing where they're located (although additional information will help with the search). Uses of LDAP The common use of LDAP is to p...