[jcifs] 0x1B names.

[Christopher R. Hertel]

> Every 15 minutes a Domain Master Browser queries WINS for a list of domain
> names. You would be able to see it in Netmon or Ethereal as a netbios
> Named Query Request where the name started with an asterisk '*' and has
> a type code of <1b>. If you run Ethereal on the same network as the DMB
> (whithout a switch inbetween of course) you might capture it. The problem
> is picking an appropriate filter for Ethereal so that you're not wading
> through tons of junk. Even if you filter down to direct DMB <--> WINS
> communication and name query requests only, you might get too much in 15
> minutes. Anyone know a good filter for this? There's probably an easier
> way to do it like set up you're own little DMB momentarily. Or reboot the
> DMB and catch it making the call on boot.

Yes.  This is what I'm looking for.  I don't mind wading through if I can 
get a look at what happens.  Better yet, I can whip up some code to send 
the query and see what happens.

What I want to test is this:

  1) Does it matter if the padding is a space or a nul (and which is used 
     by default)?

  2) What does the reply look like?

I'm guessing that the padding character matters, as Windows doesn't 
typically decode names before comparing them (they compare the raw 
encoded name--which actually makes sense).

I'm also guessing that the reply looks like a Multi-homed or Internet 
Group reply, with a list of IPs.

Chris -)-----

-- 
Christopher R. Hertel -)-----                   University of Minnesota
crh at nts.umn.edu              Networking and Telecommunications Services

    Ideals are like stars; you will not succeed in touching them
    with your hands...you choose them as your guides, and following
    them you will reach your destiny.  --Carl Schultz