21.1 Meet the Plumbing: Named Pipes

Previous page
Table of content
Next page

As you are by now well aware, SMB is a protocol that implements a network filesystem and, of course, a network filesystem is the result of extrapolating the general concepts that lie behind a disk-based filesystem. The difference is that the network variety uses higher level protocols to stretch things out across a network.

Some disk-based filesystems (such as those used in Unix and its kin) can handle the inclusion of objects that aren't really files at all, but which through the use of some clever abstraction layers can be made to look and work like files. For those familiar with such things, common examples include device nodes, the contents of /proc , and Named Pipes.

We are interested in the latter.

A Named Pipe is, at its heart, an interprocess communications channel. It allows two programs running independently to exchange messages. The SMB protocol, as you have already guessed, provides support for Named Pipes, but it can stretch them out over the network so that programs on different machines can talk to one another.

Figure 21.1. Named Pipes

An SMB named pipe is an abstraction that provides two-way communication between processes on remote nodes. The pipe is given a name (" \PIPE\DREAM ", in this example) so that it can be easily identified by programs that wish to use it.

graphics/21fig01.gif

A Named Pipe is "named" so that it can be identified by the programs that want to use it. It is a "pipe" because data is shoved in at one end and then falls gracefully out the other. CIFS Named Pipes have some additional qualities:

They are transported over TCP .

The use of SMB (over NBT) over TCP means that Named Pipe transactions are reliable.

They are built on SMBtrans transactions.

SMBtrans allows for data transfers up to 64K in size, per transaction.

They are bi-directional .

As with other protocols that we have studied, data may be sent and received over the same connection.

They are filesystem abstractions.

CIFS Named Pipes can be opened, closed, read from, and written to.

These features make CIFS Named Pipes ideal for transporting network function calls, which is one of the key ways (but not the only way) they are used. The R emote A dministration P rotocol (RAP) and Microsoft's R emote P rocedure C all implementation (MS-RPC) are both built on top of Named Pipes.

Although they are filesystem abstractions, CIFS Named Pipes are kept separate from the real files and directories made available by the SMB Server Service. They are placed in a special share the IPC$ share which is "hidden." You won't be able to browse to it using the Windows Network Neighborhood tool. If you know it's there, however, you can access it just as you would any other SMB share specifically , by sending a SESSION SETUP followed by a TREE CONNECT .

Hidden Expense Alert

graphics/alert.gif

Share names that end with a dollar sign ('$') are considered "hidden" shares. It is expected that client software will not display hidden share names unless specifically asked to do so. Note that it is the client, not the server, that takes care of hiding the hidden shares. Samba's smbclient tool and the jCIFS List.java utility will both happily display hidden share names for you.


Named Pipes within the IPC$ share have names that match the following format: 

 \PIPE\  pipename

where pipename is determined by the service that created the pipe. Since they are filesystem abstractions, it would be logical to assume that the full name of a Named Pipe (in UNC format) would look something like this: 

 \  server  \IPC$\PIPE\  pipename

As it turns out, however, the DOS, OS/2, and Windows functions that manipulate Named Pipes abbreviate the name by removing "\IPC$" from the string, which gives: 

 \  server  \PIPE\  pipename

Named Pipes are created on the SMB server side by applications and tools that are willing to provide specialized services. The architecture is quite analogous to services that register NetBIOS names to make themselves available, it's just that there are more intervening protocol layers which provide additional features. For example, Named Pipes can take advantage of the SMB authentication and MAC signing mechanisms.

Microsoft has created several services that use Named Pipes, but the set of services that are actually available will vary depending upon the host OS and/or the CIFS implementation. Luke K. C. Leighton's book DCE/RPC over SMB: Samba and Windows NT Domain Internals (which we have referenced often) lists several known pipes that offer services based on MS-RPC.

Our particular interest, however, is with the specific Named Pipe that will connect us to the R emote A dministration P rotocol service. That pipe is: 

 \PIPE\LANMAN

We will be using it a little later on, when we dig into the one RAP function that is commonly used by the Browser Service: the NetServerEnum2 function.

...and that is really all we have to say about CIFS Named Pipes.

There is, of course, a lot more that could be said. Named Pipes can be used in a variety of ways to support a variety of different kinds of operations. Our goal, however, is to explore the Browse Service, so the scope of this discussion is purposfully limited.


Previous page
Table of content
Next page
Implementing CIFS. The Common Internet File System
Implementing CIFS: The Common Internet File System
ISBN: 013047116X
EAN: 2147483647
Year: 2002
Pages: 210
Authors: Christopher Hertel
BUY ON AMAZON
Beginning Cryptography with Java
Managing Enterprise Systems with the Windows Script Host
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
PMP Practice Questions Exam Cram 2
What is Lean Six Sigma
VBScript in a Nutshell, 2nd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy