Geeks With Blogs

News

Google My Blog


Murray Gordon Flash a-ah! Savior of the universe...

What is UDP, and how do I use it? UDP stands for User Datagram Protocol, and it is also known as RFC678. What does RFC stand for? UDP is an alternative protocol to TCP, Transmission Control Protocol, which is used for serving webpages. It is used for a variety of things including networked games. I'm interested in understanding how to read the Endpoint Mapper found at port 135 in Window's machine.

  • Microsoft has a tool called PortQry, which enables one to do UDP queries in a straight-forward manner. Some documentation is available - in particular, it gives an example of how to query the Endpoint Mapper.
  • A list of port assignments. We want 135, DCE endpoint resolution.
  • Closer: rpcdump dumps the contents of the endpoint mapper database. Wow, it works, and comes with source.
RPC is an acronym for Remote Procedure Call. Essentially, over the network, one can call a function, send parameters, and get results. In this case we want to send a call to port 135 to a lookup function that will dump the endpoints.
  • XML-RPC is a spec and implemenation of RPC for PHP. Will it do the trick? No, I think this is something else. It allows you to use RPC but communicate using XML.
  • Aha, RpcMgmtEpEltInqBegin. Ugly.
Ok, here we go. The binding handle, I think, is what we generate by using fsockopen("udp://www.thesite.com",135,$errno,$errstr). And then, there's a bunch of options... wow, this might be undoable. Wait though, backing up, we recall that XML-RPC runs on all platforms, so there must be away to do it without using Microsoft's convention - though it may be very hard to sort it all out.
  • Still closer. Take a look at erlang.org. But can he do it without installing anything on the windows box? rpc:call looks very close to RpcMgmtEpEltInqBegin in arguments.
  • How does an RPC call work anyhow?
  • Oh yes, and then there is mynetwatchman.com's site, which gives information on how those net send spam artists work. I keep meaning to save this one. It makes a lot more sense now.

For those of you wishing to go a little more in depth, there are a number of books on Windows network security that will shed more light. You might also considering looking for an expert on something like Scriptlance.

Microsoft Windows Security Resource Kit, Second Edition (Resource Kit)
Author: Ben Smith; Brian Komar
Price: $49.99 $32.99 (Used starting at $27.99)
ISBN: 0735621748
Release date: 27 April, 2005
Average customer rating: 5.0 (1 reviews)
Sales rank: 195739
MCSA/MCSE Self-Paced Training Kit (Exam 70-299): Implementing and Administering Security in a Microsoft Windows Server 2003 Network (Pro-Certification)
Author: Tony Northrup; Orin Thomas
Price: $59.99 $35.99 (Used starting at $19.20)
ISBN: 073562061X
Release date: 21 April, 2004
Average customer rating: 4.5 (7 reviews)
Sales rank: 9446
MCSE Self-Paced Training Kit (Exam 70-298): Designing Security for a Microsoft Windows Server(TM) 2003 Network (Training Kit)
Author: Roberta Bragg
Price: $59.99 $37.79 (Used starting at $17.72)
ISBN: 0735619697
Release date: 04 February, 2004
Average customer rating: 2.0 (8 reviews)
Sales rank: 20105
Hacking Windows XP (ExtremeTech)
Author: Steve Sinchak
Price: $24.99 $16.49 (Used starting at $11.71)
ISBN: 0764569295
Release date: 06 August, 2004
Average customer rating: 4.0 (16 reviews)
Sales rank: 28817
Programming .NET Security
Author: Adam Freeman; Allen Jones
Price: $44.95 $29.67 (Used starting at $19.98)
ISBN: 0596004427
Release date: June, 2003
Average customer rating: 5.0 (6 reviews)
Sales rank: 32002
Hardening Windows Systems (Hardening)
Author: Roberta Bragg
Price: $39.99 $26.39 (Used starting at $3.62)
ISBN: 0072253541
Release date: 11 May, 2004
Average customer rating: 4.5 (9 reviews)
Sales rank: 42388
Protect Your Windows Network : From Perimeter to Data (Microsoft Technology)
Author: Jesper M. Johansson; Steve Riley
Price: $49.99 $26.99 (Used starting at $23.78)
ISBN: 0321336437
Release date: 20 May, 2005
Average customer rating: 5.0 (8 reviews)
Sales rank: 19178
Smart Home Hacks : Tips & Tools for Automating Your House (Hacks)
Author: Gordon Meyer
Price: $24.95 $16.47 (Used starting at $6.74)
ISBN: 0596007221
Release date: 25 October, 2004
Average customer rating: 4.0 (7 reviews)
Sales rank: 43383
Windows Server Cookbook for Windows Server 2003 and Windows 2000
Author: Robbie Allen
Price: $44.95 $29.67 (Used starting at $26.50)
ISBN: 0596006330
Release date: 23 March, 2005
Average customer rating: 5.0 (15 reviews)
Sales rank: 64917
Network Security Hacks
Author: Andrew Lockhart
Price: $24.95 $16.47 (Used starting at $8.99)
ISBN: 0596006438
Release date: 01 April, 2004
Average customer rating: 4.0 (11 reviews)
Sales rank: 60622

 

Research help from “Tim’s Journal” at http://torque.oncloud8.com/archives/000053.html. Thanks Tim.

Posted on Friday, February 3, 2006 9:22 AM | Back to top


Comments on this post: What is EPMAP or Endpoint Mapper? (Notes on my research)

# re: What is EPMAP or Endpoint Mapper? (Notes on my research)
Requesting Gravatar...
What is epmap, why does norton say blocked communications.
Left by Dale on Apr 14, 2007 8:07 PM

Your comment:
 (will show your gravatar)


Copyright © Murray Gordon | Powered by: GeeksWithBlogs.net