diff options
author | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2003-03-25 09:41:42 +0000 |
---|---|---|
committer | sahlberg <sahlberg@f5534014-38df-0310-8fa8-9805f1628bb7> | 2003-03-25 09:41:42 +0000 |
commit | a217242d3800bdb2e4f9fc6e80fcf1b1f3c82ed0 (patch) | |
tree | aafa8f25a9cde7e8e34b53bd4893ac4b8ac13c79 /packet-smb-sidsnooping.h | |
parent | aee3f97aba0081b8ba24379c59794e83c339b20c (diff) |
Added SMB option : sid_name_snooping.
This feature, when enabled through Edit/preferences/protocols/smb,
will look at certain SMB and CIFS related protocols to discover the
mapping between SIDs and their Names.
For those SIDs whose name has been snooped/discovered ethereal will
also add "(<name>)" to the end of the SID when printed in the tree pane
through the function dissect_nt_sid().
Currently the feature is not too exciting since the only thing that packet-smb-sidsnooping.c will look at to build this mapping table is
replies to the LSA/QueryInfoPolicy infolevel 3 packets and thus
discover mappings between a Domain SID and a Domain Name.
In the near future this future will be enhanced to also look at more interesting calls such as LSA/LookupSIDs2 and similar.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@7362 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'packet-smb-sidsnooping.h')
-rw-r--r-- | packet-smb-sidsnooping.h | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/packet-smb-sidsnooping.h b/packet-smb-sidsnooping.h new file mode 100644 index 0000000000..3a4a3416df --- /dev/null +++ b/packet-smb-sidsnooping.h @@ -0,0 +1,31 @@ +/* packet-smb-sidsnooping.h + * Routines for snooping SID to name mappings + * Copyright 2003, Ronnie Sahlberg + * + * $Id: packet-smb-sidsnooping.h,v 1.1 2003/03/25 09:41:41 sahlberg Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef _PACKET_SMB_SID_SNOOPING_H_ +#define _PACKET_SMB_SID_SNOOPING_H_ + +char *find_sid_name(char *sid); + +#endif |