Appendix A. Ethereal Display Filter Fields

Field

Field Name

Type

netlogon.site_name

Site Name

String

netlogon.sync_context

Sync Context

Unsigned 32-bit integer

netlogon.system_flags

System Flags

Unsigned 32-bit integer

netlogon.tc_connection_status

TC Connection Status

Unsigned 32-bit integer

netlogon.time_limit

Time Limit

Time duration

netlogon.timestamp

Timestamp

Date/Time stamp

netlogon.trusted_dc

Trusted DC

String

netlogon.trusted_domain

Trusted Domain

String

netlogon.unknown.char

Unknown char

Unsigned 8-bit integer

netlogon.unknown.long

Unknown long

Unsigned 32-bit integer

netlogon.unknown.short

Unknown short

Unsigned 16-bit integer

netlogon.unknown.time

Unknown time

Date/Time stamp

netlogon.unknown_string

Unknown string

String

netlogon.user_flags

User Flags

Unsigned 32-bit integer

netlogon.user_session_key

User Session Key

Byte array

netlogon.validation_level

Validation Level

Unsigned 16-bit integer

netlogon.wkst.fqdn

Wkst FQDN

String

netlogon.wkst.name

Wkst Name

String

netlogon.wkst.os

Wkst OS

String

netlogon.wkst.site_name

Wkst Site Name

String

netlogon.wksts

Workstations

String

Microsoft Registry (winreg)

Table A-136. Microsoft Registry (winreg)

Field

Field Name

Type

reg.access_mask

Access mask

Unsigned 32-bit integer

reg.hnd

Context handle

Byte array

reg.keyname

Key name

String

reg.openentry.unknown1

Unknown 1

Unsigned 32-bit integer

reg.openhklm.unknown1

Unknown 1

Unsigned 16-bit integer

reg.openhklm.unknown2

Unknown 2

Unsigned 16-bit integer

reg.opnum

Operation

Unsigned 16-bit integer

reg.querykey.class

Class

String

reg.querykey.max_subkey_len

Max subkey len

Unsigned 32-bit integer

reg.querykey.max_valbuf_size

Max valbuf size

Unsigned 32-bit integer

reg.querykey.max_valname_len

Max valnum len

Unsigned 32-bit integer

reg.querykey.modtime

Mod time

Date/Time stamp

reg.querykey.num_subkeys

Num subkeys

Unsigned 32-bit integer

reg.querykey.num_values

Num values

Unsigned 32-bit integer

reg.querykey.reserved

Reserved

Unsigned 32-bit integer

reg.querykey.secdesc

Secdesc

Unsigned 32-bit integer

reg.rc

Return code

Unsigned 32-bit integer

reg.unknown1A.unknown1

Unknown 1

Unsigned 32-bit integer

Microsoft Security Account Manager (samr)

Table A-137. Microsoft Security Account Manager (samr)

Field

Field Name

Type

nt.acct_ctrl

Acct Ctrl

Unsigned 32-bit integer

nt.str.len

Length

Unsigned 32-bit integer

nt.str.max_len

Max Length

Unsigned 32-bit integer

nt.str.offset

Offset

Unsigned 32-bit integer

nt.string.length

Length

Unsigned 16-bit integer

nt.string.size

Size

Unsigned 16-bit integer

samr.access

Access Mask

Unsigned 32-bit integer

samr.acct_desc

Account Desc

String

samr.acct_expiry_time

Acct Expiry

Date/Time stamp

samr.acct_name

Account Name

String

samr.alias

Alias

Unsigned 32-bit integer

samr.alias_name

Alias Name

String

samr.attr

Attributes

Unsigned 32-bit integer

samr.bad_pwd_count

Bad Pwd Count

Unsigned 16-bit integer

samr.codepage

Codepage

Unsigned 16-bit integer

samr.comment

Comment

String

samr.count

Count

Unsigned 32-bit integer

samr.country

Country

Unsigned 16-bit integer

samr.crypt_hash

Hash

Byte array

samr.crypt_password

Password

Byte array

samr.dc

DC

String

samr.divisions

Divisions

Unsigned 16-bit integer

samr.domain

Domain

String

samr.entries

Entries

Unsigned 32-bit integer

samr.full_name

Full Name

String

samr.group

Group

Unsigned 32-bit integer

samr.group_name

Group Name

String

samr.hnd

Context Handle

Byte array

samr.home

Home

String

samr.home_drive

Home Drive

String

samr.index

Index

Unsigned 32-bit integer

samr.info_type

Info Type

Unsigned 32-bit integer

samr.kickoff_time

Kickoff Time

Date/Time stamp

samr.level

Level

Unsigned 16-bit integer

samr.lm_change

LM Change

Unsigned 8-bit integer

samr.lm_pwd_set

LM Pwd Set

Unsigned 8-bit integer

samr.logoff_time

Logoff Time

Date/Time stamp

samr.logon_count

Logon Count

Unsigned 16-bit integer

samr.logon_time

Logon Time

Date/Time stamp

samr.mask

Mask

Unsigned 32-bit integer

samr.max_entries

Max Entries

Unsigned 32-bit integer

samr.max_pwd_age

Max Pwd Age

Time duration

samr.min_pwd_age

Min Pwd Age

Time duration

samr.min_pwd_len

Min Pwd Len

Unsigned 16-bit integer

samr.nt_pwd_set

NT Pwd Set

Unsigned 8-bit integer

samr.num_aliases

Num Aliases

Unsigned 32-bit integer

samr.num_groups

Num Groups

Unsigned 32-bit integer

samr.num_users

Num Users

Unsigned 32-bit integer

samr.opnum

Operation

Unsigned 16-bit integer

samr.parameters

Parameters

String

samr.pref_maxsize

Pref MaxSize

Unsigned 32-bit integer

samr.profile

Profile

String

samr.pwd_Expired

Expired flag

Unsigned 8-bit integer

samr.pwd_can_change_time

PWD Can Change

Date/Time stamp

samr.pwd_history_len

Pwd History Len

Unsigned 16-bit integer

samr.pwd_last_set_time

PWD Last Set

Date/Time stamp

samr.pwd_must_change_time

PWD Must Change

Date/Time stamp

samr.rc

Return code

Unsigned 32-bit integer

samr.resume_hnd

Resume Hnd

Unsigned 32-bit integer

samr.ret_size

Returned Size

Unsigned 32-bit integer

samr.revision

Revision

 

samr.rid

Rid

Unsigned 32-bit integer

samr.rid.attrib

Rid Attrib

Unsigned 32-bit integer

samr.script

Script

String

samr.server

Server

String

samr.start_idx

Start Idx

Unsigned 32-bit integer

samr.total_size

Total Size

Unsigned 32-bit integer

samr.type

Type

Unsigned 32-bit integer

samr.unknown.char

Unknown char

Unsigned 8-bit integer

samr.unknown.hyper

Unknown hyper

 

samr.unknown.long

Unknown long

Unsigned 32-bit integer

samr.unknown.short

Unknown short

Unsigned 16-bit integer

samr.unknown_string

Unknown string

String

samr.unknown_time

Unknown time

Date/Time stamp

samr.workstations

Workstations

String

Microsoft Server Service (srvsvc)

Table A-138. Microsoft Server Service (srvsvc)

Field

Field Name

Type

srvsvc.

Max Raw Buf Len

Unsigned 32-bit integer

srvsvc.acceptdownlevelapis

Accept Downlevel APIs

Unsigned 32-bit integer

srvsvc.accessalert

Access Alerts

Unsigned 32-bit integer

srvsvc.activelocks

Active Locks

Unsigned 32-bit integer

srvsvc.alerts

Alerts

String

srvsvc.alertsched

Alert Sched

Unsigned 32-bit integer

srvsvc.alist_mtime

Alist mtime

Unsigned 32-bit integer

srvsvc.ann_delta

Announce Delta

Unsigned 32-bit integer

srvsvc.announce

Announce

Unsigned 32-bit integer

srvsvc.auditedevents

Audited Events

Unsigned 32-bit integer

srvsvc.auditprofile

Audit Profile

Unsigned 32-bit integer

srvsvc.autopath

Autopath

String

srvsvc.chdevjobs

Char Dev Jobs

Unsigned 32-bit integer

srvsvc.chdevqs

Char Devqs

Unsigned 32-bit integer

srvsvc.chdevs

Char Devs

Unsigned 32-bit integer

srvsvc.chrdev

Char Device

String

srvsvc.chrdev_opcode

Opcode

Unsigned 32-bit integer

srvsvc.chrdev_status

Status

Unsigned 32-bit integer

srvsvc.chrdev_time

Time

Unsigned 32-bit integer

srvsvc.chrdevq

Device Queue

String

srvsvc.chrqdev_numahead

Num Ahead

Unsigned 32-bit integer

srvsvc.chrqdev_numusers

Num Users

Unsigned 32-bit integer

srvsvc.chrqdev_pri

Priority

Unsigned 32-bit integer

srvsvc.client.type

Client Type

String

srvsvc.comment

Comment

String

srvsvc.computer

Computer

String

srvsvc.con_id

Connection ID

Unsigned 32-bit integer

srvsvc.con_num_opens

Num Opens

Unsigned 32-bit integer

srvsvc.con_time

Connection Time

Unsigned 32-bit integer

srvsvc.con_type

Connection Type

Unsigned 32-bit integer

srvsvc.connections

Connections

Unsigned 32-bit integer

srvsvc.cur_uses

Current Uses

Unsigned 32-bit integer

srvsvc.disc

Disc

Unsigned 32-bit integer

srvsvc.disk_name

Disk Name

String

srvsvc.disk_name_len

Disk Name Length

Unsigned 32-bit integer

srvsvc.diskalert

Disk Alerts

Unsigned 32-bit integer

srvsvc.diskspacetreshold

Diskspace Treshold

Unsigned 32-bit integer

srvsvc.domain

Domain

String

srvsvc.emulated_server

Emulated Server

String

srvsvc.enablefcbopens

Enable FCB Opens

Unsigned 32-bit integer

srvsvc.enableforcedlogoff

Enable Forced Logoff

Unsigned 32-bit integer

srvsvc.enableoplockforceclose

Enable Oplock Force Close

Unsigned 32-bit integer

srvsvc.enableoplocks

Enable Oplocks

Unsigned 32-bit integer

srvsvc.enableraw

Enable RAW

Unsigned 32-bit integer

srvsvc.enablesharednetdrives

Enable Shared Net Drives

Unsigned 32-bit integer

srvsvc.enablesoftcompat

Enable Soft Compat

Unsigned 32-bit integer

srvsvc.enum_hnd

Enumeration handle

Byte array

srvsvc.erroralert

Error Alerts

Unsigned 32-bit integer

srvsvc.errortreshold

Error Treshold

Unsigned 32-bit integer

srvsvc.file_id

File ID

Unsigned 32-bit integer

srvsvc.file_num_locks

Num Locks

Unsigned 32-bit integer

srvsvc.glist_mtime

Glist mtime

Unsigned 32-bit integer

srvsvc.guest

Guest Account

String

srvsvc.hidden

Hidden

Unsigned 32-bit integer

srvsvc.hnd

Context Handle

Byte array

srvsvc.info.platform_id

Platform ID

Unsigned 32-bit integer

srvsvc.initconntable

Init Connection Table

Unsigned 32-bit integer

srvsvc.initfiletable

Init File Table

Unsigned 32-bit integer

srvsvc.initsearchtable

Init Search Table

Unsigned 32-bit integer

srvsvc.initsesstable

Init Session Table

Unsigned 32-bit integer

srvsvc.initworkitems

Init Workitems

Unsigned 32-bit integer

srvsvc.irpstacksize

Irp Stack Size

Unsigned 32-bit integer

srvsvc.lanmask

LANMask

Unsigned 32-bit integer

srvsvc.licences

Licences

Unsigned 32-bit integer

srvsvc.linkinfovalidtime

Link Info Valid Time

Unsigned 32-bit integer

srvsvc.lmannounce

LM Announce

Unsigned 32-bit integer

srvsvc.logonalert

Logon Alerts

Unsigned 32-bit integer

srvsvc.max_uses

Max Uses

Unsigned 32-bit integer

srvsvc.maxaudits

Max Audits

Unsigned 32-bit integer

srvsvc.maxcopyreadlen

Max Copy Read Len

Unsigned 32-bit integer

srvsvc.maxcopywritelen

Max Copy Write Len

Unsigned 32-bit integer

srvsvc.maxfreeconnections

Max Free Conenctions

Unsigned 32-bit integer

srvsvc.maxkeepcomplsearch

Max Keep Compl Search

Unsigned 32-bit integer

srvsvc.maxkeepsearch

Max Keep Search

Unsigned 32-bit integer

srvsvc.maxlinkdelay

Max Link Delay

Unsigned 32-bit integer

srvsvc.maxmpxct

MaxMpxCt

Unsigned 32-bit integer

srvsvc.maxnonpagedmemoryusage

Max Non-Paged Memory Usage

Unsigned 32-bit integer

srvsvc.maxpagedmemoryusage

Max Paged Memory Usage

Unsigned 32-bit integer

srvsvc.maxworkitemidletime

Max Workitem Idle Time

Unsigned 32-bit integer

srvsvc.maxworkitems

Max Workitems

Unsigned 32-bit integer

srvsvc.minfreeconnections

Min Free Conenctions

Unsigned 32-bit integer

srvsvc.minfreeworkitems

Min Free Workitems

Unsigned 32-bit integer

srvsvc.minkeepcomplsearch

Min Keep Compl Search

Unsigned 32-bit integer

srvsvc.minkeepsearch

Min Keep Search

Unsigned 32-bit integer

srvsvc.minlinkthroughput

Min Link Throughput

Unsigned 32-bit integer

srvsvc.minrcvqueue

Min Rcv Queue

Unsigned 32-bit integer

srvsvc.netioalert

Net I/O Alerts

Unsigned 32-bit integer

srvsvc.networkerrortreshold

Network Error Treshold

Unsigned 32-bit integer

srvsvc.num_admins

Num Admins

Unsigned 32-bit integer

srvsvc.numbigbufs

Num Big Bufs

Unsigned 32-bit integer

srvsvc.numblockthreads

Num Block Threads

Unsigned 32-bit integer

srvsvc.numfiletasks

Num Filetasks

Unsigned 32-bit integer

srvsvc.openfiles

Open Files

Unsigned 32-bit integer

srvsvc.opensearch

Open Search

Unsigned 32-bit integer

srvsvc.oplockbreakresponsewait

Oplock Break Response wait

Unsigned 32-bit integer

srvsvc.oplockbreakwait

Oplock Break Wait

Unsigned 32-bit integer

srvsvc.opnum

Operation

Unsigned 16-bit integer

srvsvc.outbuflen

OutBufLen

Unsigned 32-bit integer

srvsvc.parm_error

Parameter Error

Unsigned 32-bit integer

srvsvc.path

Path

String

srvsvc.path_flags

Flags

Unsigned 32-bit integer

srvsvc.path_len

Len

Unsigned 32-bit integer

srvsvc.path_type

Type

Unsigned 32-bit integer

srvsvc.perm

Permissions

Unsigned 32-bit integer

srvsvc.preferred_len

Preferred length

Unsigned 32-bit integer

srvsvc.prefix

Prefix

String

srvsvc.qualifier

Qualifier

String

srvsvc.rawworkitems

Raw Workitems

Unsigned 32-bit integer

srvsvc.rc

Return code

Unsigned 32-bit integer

srvsvc.reserved

Reserved

Unsigned 32-bit integer

srvsvc.scavqosinfoupdatetime

Scav QoS Info Update Time

Unsigned 32-bit integer

srvsvc.scavtimeout

Scav Timeout

Unsigned 32-bit integer

srvsvc.security

Security

Unsigned 32-bit integer

srvsvc.server

Server

String

srvsvc.server.type

Server Type

Unsigned 32-bit integer

srvsvc.server_stat.avresponse

Avresponse

Unsigned 32-bit integer

srvsvc.server_stat.bigbufneed

Big Buf Need

Unsigned 32-bit integer

srvsvc.server_stat.bytesrcvd

Bytes Rcvd

 

srvsvc.server_stat.bytessent

Bytes Sent

 

srvsvc.server_stat.devopens

Devopens

Unsigned 32-bit integer

srvsvc.server_stat.fopens

Fopens

Unsigned 32-bit integer

srvsvc.server_stat.jobsqueued

Jobs Queued

Unsigned 32-bit integer

srvsvc.server_stat.permerrors

Permerrors

Unsigned 32-bit integer

srvsvc.server_stat.pwerrors

Pwerrors

Unsigned 32-bit integer

srvsvc.server_stat.reqbufneed

Req Buf Need

Unsigned 32-bit integer

srvsvc.server_stat.serrorout

Serrorout

Unsigned 32-bit integer

srvsvc.server_stat.sopens

Sopens

Unsigned 32-bit integer

srvsvc.server_stat.start

Start

Unsigned 32-bit integer

srvsvc.server_stat.stimeouts

stimeouts

Unsigned 32-bit integer

srvsvc.server_stat.syserrors

Syserrors

Unsigned 32-bit integer

srvsvc.service

Service

String

srvsvc.service_bits

Service Bits

Unsigned 32-bit integer

srvsvc.service_bits_of_interest

Service Bits Of Interest

Unsigned 32-bit integer

srvsvc.service_options

Options

Unsigned 32-bit integer

srvsvc.session

Session

String

srvsvc.session.idle_time

Idle Time

Unsigned 32-bit integer

srvsvc.session.num_opens

Num Opens

Unsigned 32-bit integer

srvsvc.session.time

Time

Unsigned 32-bit integer

srvsvc.session.user_flags

User Flags

Unsigned 32-bit integer

srvsvc.sessopens

Sessions Open

Unsigned 32-bit integer

srvsvc.sessreqs

Sessions Reqs

Unsigned 32-bit integer

srvsvc.sessvcs

Sessions VCs

Unsigned 32-bit integer

srvsvc.share

Share

String

srvsvc.share.num_entries

Number of entries

Unsigned 32-bit integer

srvsvc.share_passwd

Share Passwd

String

srvsvc.share_type

Share Type

Unsigned 32-bit integer

srvsvc.shares

Shares

Unsigned 32-bit integer

srvsvc.sizreqbufs

Siz Req Bufs

Unsigned 32-bit integer

srvsvc.srvheuristics

Server Heuristics

String

srvsvc.threadcountadd

Thread Count Add

Unsigned 32-bit integer

srvsvc.threadpriority

Thread Priority

Unsigned 32-bit integer

srvsvc.timesource

Timesource

Unsigned 32-bit integer

srvsvc.tod.day

Day

Unsigned 32-bit integer

srvsvc.tod.elapsed

Elapsed

Unsigned 32-bit integer

srvsvc.tod.hours

Hours

Unsigned 32-bit integer

srvsvc.tod.hunds

Hunds

Unsigned 32-bit integer

srvsvc.tod.mins

Mins

Unsigned 32-bit integer

srvsvc.tod.month

Month

Unsigned 32-bit integer

srvsvc.tod.msecs

msecs

Unsigned 32-bit integer

srvsvc.tod.secs

Secs

Unsigned 32-bit integer

srvsvc.tod.timezone

Timezone

Unsigned 32-bit integer

srvsvc.tod.tinterval

Tinterval

Unsigned 32-bit integer

srvsvc.tod.weekday

Weekday

Unsigned 32-bit integer

srvsvc.tod.year

Year

Unsigned 32-bit integer

srvsvc.transport

Transport

String
