I don't understand that.
-- Dungeon
R. M. Supnik, InfoCom
Abstract Syntax Notation One
A language used to define the structure and content of objects such as data records and protocol messages, along the lines of a super-duper version of the typedef in C, only a lot more powerful. ASN.1 was developed as part of the Open Systems Interconnection (OSI) environment, and was originally used for writing specifications. More recently, though, tools have been developed that will generate software from ASN.1.

See also: Distinguished Encoding Rules
Web reference: The ASN.1 Consortium (

Astoundium The element of suprise.
Attacker In this context, one who attacks a computer system either to gain access or, as in a "Denial of Service attack", to cause a failure in the system or data loss.

See also: Cracker

Backup Browser Browser nodes which are not elected to be the Local Master Browser may be called upon to store a backup Browse List and to respond to a client request for a copy of the Browse List. These hosts are called Backup Browsers.

See also: Local Master Browser

Backup Domain Controller
A Windows NT Domain Controller (DC) which keeps a backup copy of the user/group authentication database in an NT Domain. The master copy is maintained by the Primary Domain Controller (PDC). A Backup Domain Controller can be promoted to the role of PDC in a pinch. Only one PDC is permitted per NT Domain, but there may be any number of BDCs.

See also: Domain Controller, Primary Domain Controller

BAF Protocol The very first name for the protocol formerly known as SMB. The SMB protocol was originally developed by Dr. Barry A. Feigenbaum at IBM and, according to legend, was originally given his initials. It was later renamed SMB and, more recently, CIFS.

See also: CIFS, SMB

Bran Pronounced Brahhn. The name of my dog.
Browser Node See: Potential Browser
Browser Election The process by which a browser node on a NetBIOS LAN is chosen to be the primary repository of service information for that LAN (that is, the Local Master Browser). Under NBT, the election process takes place within the confines of the local IP subnet.
CIFS Common Internet File System. The protocol formerly known as Server Message Block (SMB) and, before that, as the BAF protocol (after its original creator, Dr. Barry Feigenbaum). CIFS is a protocol for file and device sharing across a network.

See also: SMB

Cracker One who attacks a system in an effort to break security, probably to gain unauthorized access.

Goodguy crackers (sometimes called "White Hat" crackers) used to provide the very beneficial service of exposing weaknesses so that they could be fixed, but then the US Congress enacted the Digital Millennium Copyright Act (DMCA) which made talking about such things illegal in the US and potentially dangerous elsewhere1.

See also: Attacker
Do not see also: Hacker

Distinguished Encoding Rules
A set of rules for encoding and decoding ASN.1 data for network transport. DER provides a standard format for transport of data over a network so that the receiving end can convert the data back into their correct ASN.1 format. DER is a specialized form of a more general encoding known as BER (Basic Encoding Rules). DER is designed to work well with security protocols, and is used for encoding Kerberos and LDAP exchanges.

See also: ASN.1, Kerberos, LDAP

Domain Controller
An authentication server in a WindowsNT or Windows2000 Domain. A Domain Controller (DC) maintains a database of user, group, and machine accounts and other security information, and provides authentication services to the NT or W2K Domain.

In an NT Domain, one of the DCs will be designated the Primary Domain Controller (PDC). All security database administration is handled via the PDC, and copies of the database are then distributed to any available Backup Domain Controllers (BDCs). NT Domain controllers register the Group Special NetBIOS name nt_domain<1C> to identify themselves.

In Windows2000 Domains the security database is stored in the Active Directory, and there is no distinction between primary and secondary controllers.

See also: Backup Domain Controller, Primary Domain Controller

Domain Name System

The Domain Name System is a distributed database system that provides mappings between Internet names and Internet Protocol (IP) addresses. The DNS name space is hierarchical in structure.

Web reference: the DNS Resources Directory (

Domain Master Browser
A host system that is designated to coordinate Browse Lists for matching workgroups across multiple subnets. The DMB receives subnet Browse List updates from Local Master Browsers, combines those lists, and distributes the combined list back to the Local Masters for the workgroup.

See also: Local Master Browser

Doveryay, no proveryay Trust, but verify.
Encoded NBT Name The term used in this text for the fully qualified Second Level Encoded form of the NetBIOS Name and Scope ID. For example, the string

is the fully encoded form of the NetBIOS name FE<20> and the scope ID "FI.FO.FUM".

See also: NBT Name, First Level Encoding, Scope ID, Second Level Encoding

First Level Encoding The conversion of a NetBIOS name to a format complying with DNS "best practices".

NetBIOS names may contain characters which are not considered valid for use in DNS names, yet RFC 1001 and RFC 1002 attempted to map the NetBIOS name space into the DNS name space. To work around this conflict, NetBIOS names are encoded by splitting each byte of the name into two nibbles and then adding the value of 'A' (0x41). Thus, the '&' character (0x26) would be encoded as "CG". NetBIOS names are usually padded with spaces before being encoded.

In this book, the term "NBT Name" is used to indicate the fully qualified form of the First Level Encoded name. The NBT Name includes the Scope ID.

See also: NBT Name, Scope ID, Second Level Encoding

GSS-API Generic Security Service Application Program Interface. A generic interface to a set of security services. It makes it possible to write software that does not care what the underlying security mechanisms actually are.

See: RFC 2078
See also: SPNEGO

Hacker One who fiddles with an existing system to see if it can be improved. Hacking is generally the fine art of [creating and] recursively revising software or a software-based system.

Do not see also: Cracker

Kerberos A network authentication service developed at MIT and later adopted by Microsoft for use with Windows2000 and SMB over naked TCP/IP transport.

See: RFC 1510

LANA NetBIOS LAN Adapter card.

For the original PC Network System, IBM sold both Broadband and Baseband network interface cards, which they called LAN Adapters. The NBT system supports the concept of a "virtual LANA".

See also: NBT

LDAP The Lightweight Directory Access Protocol. A standard protocol used to access directory services based on the X.500 directory service model (eg., Novell Directory Services and Microsoft Active Directory).

See: RFC 2251

Local Master Browser
A host system that is "elected" to manage the Browse List for the local IP LAN. The LMB collects service announcements from servers on the local LAN, distributes the Browse List to any Backup Browsers on the LAN, and exchanges service lists with the Domain Master Browser (if there is one).

See also: Domain Master Browser, Backup Browser

Machine Name Host name. A name which is typically assigned in the system configuration and used as the base name creating the NetBIOS names of several important services. The service names are composed by appending a service-specific suffix to the machine name.
Master Browser A common short-hand for "Local Master Browser".

See: Local Master Browser

MIDL Microsoft Interface Definition Language. Microsoft's version of the Interface Definition Language (IDL). MIDL is used to specify the parameters to MS-RPC function calls. MIDL is also used to define the interfaces to Microsoft Dynamically Linked Library (DLL) functions.

See also: MS-RPC

Moore's Law The observation (by Gordon Moore) that the transistor density on computer chips doubles roughly every 1.5 years. This is generally taken to mean that processing speeds also double every 1.5 years. Software developers compensate by writing bad code and adding unnecessary features to maintain status quo.
MS-RPC Microsoft Remote Procedure Call. RPC in general is a system that allows a process on one system to make function calls against libraries on another system. MS-RPC is Microsoft's implementation of RPC.

See also: MIDL

Naked TCP SMB transport over TCP/IP without the NBT NetBIOS emulation layer.

SMB is traditionally passed via the NetBIOS API to an underlying transport protocol. SMB over "naked" or "raw" TCP does not require the use of the NetBIOS API or NetBIOS emulation at the transport level.

See also: NBT, NetBIOS

NBDD NetBIOS Datagram Distribution Server. This server relays broadcast and multicast (group) datagrams to all intended recipients.

When a P, M, or H node wishes to send a broadcast or multicast datagram, it will send the datagram to the NBDD. The NBDD will obtain the list of destination IPs from the NBNS and then unicast the datagram to each of those nodes.

Most implementations do not provide NBDD support.

See also: NBNS

NBNS NetBIOS Name Server. A server providing NetBIOS name to IP address mapping. The NBNS is part of the NBT mechanism and does not need to participate directly in the NetBIOS LAN.

See also: WINS

NBT NetBIOS over TCP/IP; also known as NetBT and, less commonly, as TCPBEUI. NBT is an implementation of the NetBIOS API on top of a TCP/IP transport layer.
NBT Name The term used in this text for the fully qualified First Level Encoded form of the NetBIOS Name and Scope ID. For example, the NBT name:

is composed of the NetBIOS name FE<20> and the scope ID "FI.FO.FUM".

See also: Scope ID, First Level Encoding

NetBEUI NetBIOS Extended User Interface.

Also known as NetBIOS Frame Protocol (NBF). NetBEUI provides a simple mapping of NetBIOS API parameters and data to a transport suitable for passing messages on Ethernet and Token Ring networks.

Web reference: NetBIOS NetBEUI NBF Networking, by Timothy D. Evans. (

NetBIOS Network Basic Input Output System.

NetBIOS is the Application Programming Interface (API) to a proprietary LAN system that was developed by IBM and Sytek. The NetBIOS API has been implemented on top of several different network transports including TCP/IP, DECnet, IPX/SPX, and others.

See also: NBT, NetBT

NetBT NetBIOS over TCP/IP. Better known as NBT.

See: NBT

Network Data Representation
The on-the-wire encoding for parameters passed via MS-RPC. MS-RPC input parameters are marshalled into NDR format for transmission over the network, and then unmarshalled on the server side. The process is then reversed to return the results.

See also: MS-RPC

NT Domain A Workgroup with a Domain Controller.

See also: Domain Controller, Workgroup

Phrep An expletive, roughly equivalent to "dang", "drat", or "bother", but without connotation.
Primary Domain Controller
A Windows NT Domain Controller (DC) which keeps the master copy of the user/group authentication database in an NT Domain. Only one PDC is permitted per NT Domain. In addition to registering the nt_domain<1C> Group Special name, the PDC also registers the unique nt_domain<1B> NetBIOS name (where nt_domain is the name of the NT Domain). Microsoft's WINS server ensures that the IP address registered to the nt_domain<1B> name is always at the top of the list of IPs associated with the nt_domain<1C> Group Special name.

See also: Backup Domain Controller, Domain Controller

Potential Browser Any node on a local IP LAN that is willing and able to participate in browser elections and take on the role of Local Master Browser or Backup Browser.

See also: Local Master Browser, Backup Browser

Scope ID

A string of dot-separated labels, formatted per DNS naming rules. The Scope ID defines a virtual NBT LAN by dividing the NetBIOS namespace.

See also: NBT Name, DNS, First Level Encoding, Second Level Encoding

Second Level Encoding The on-the-wire format of an NBT name. The encoding scheme replaces the familiar dot characters used in DNS names with a byte containing the length of the next label. The Second Level Encoded form of the NBT Name


would be


See also: NBT Name, DNS, First Level Encoding

Server Message Block
A file and print-sharing protocol developed by IBM, Intel, 3Com, and Microsoft for use with PC-DOS and MS-DOS. It has since been renamed CIFS.

Also a name for the messages exchanged by the SMB or CIFS protocol. An SMB message is often referred to simply as "an SMB".

See also: CIFS

Server Service An SMB filesharing service provider. The Server Service registers a NetBIOS name consisting of the machine name with a suffix value of 0x20. On many platforms, the Server Service will also accept NBT connection requests with a CALLING NAME of *SMBSERVER<20>.
Simple Protected Negotiation

The "Simple and Protected GSS-API Negotiation Mechanism" is a protocol used with GSS-API to negotiate authentication mechanisms between a client and server.

See: RFC 2478
See also: GSS-API

Suffix Byte The sixteenth byte of a NetBIOS name. This byte is used to indicate the type of service that has registered the name.

See also: Appendix C: Known NetBIOS Suffix Values

TCPBEUI Yet another name for NBT. The name TCPBEUI is primarily used by folks from IBM.

See: NBT

Thermomostat The internal sensor that causes your mother to tell you to put on a sweater when she is cold.
WINS Windows Internet Name Service. Microsoft's name for their NBNS implementation.


Workgroup An NT Domain without a Domain Controller.

The distinction between an NT Domain and a Workgroup is blurry. The two are basically the same thing, except that an NT Domain has a Domain Controller, which provides authentication services. The Primary Domain Controller also always runs the Domain Master Browser (DMB) service, which coordinates the workgroup Browse Lists across subnets.

See also: Domain Master Browser, Domain Controller, Primary Domain Controller

1 The use of the term "goodguy" is in no way intended to imply gender.

<Previous] [Contents] [Next> [W3C Validated] Copyright © 1999-2003 Christopher R. Hertel 
All rights reserved.   $Revision: 1.64 $