2019-02-12

Difference between NetBIOS and SMB

source : Difference between NetBIOS and SMB

1. Are both services necessary? If not, are there any benefits over running a single service?
Depending on your operating system and environmentboth services are not necessary.

SMB (Server Message Block)

Server Message Block, the modern dialect of which is known as Common Internet File System, operates as an application-layer network protocol mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. ...
The Server Message Block protocol can run on top of the Session (and lower) network layers in several ways:
  • directly over TCP, port 445
  • via the NetBIOS API, which in turn can run on several transports:
    • on UDP ports 137, 138 & TCP ports 137, 139 – see NetBIOS over TCP/IP
    • on several legacy protocols such as NBF (incorrectly referred to as NetBEUI).
On Windows, SMB can run directly over TCP/IP without the need for NetBIOS over TCP/IP. This will use, as you point out, port 445.
Generally speaking, on other systems, you'll find services and applications using port 139. This, basically speaking, means that SMB is running with NetBIOS over TCP/IP, where, stack-wise, SMB is on top of NetBIOS if you are to imagine it with the OSI model.
Here's a visualization from Richard Sharpe, from samba.org.
OSI model showing SMB and NetBIOS
Here's a slightly tweaked version to illustrate how you can imagine this on a Windows-based system.
OSI model with amazing drawing indicating the skip-over of NetBIOS

1.a If they are both necessary, are there any benefits?

The only "benefit" -- it's not really a benefit, as much as a requirement -- is that with SMB over NBT (NetBIOS over TCP/IP), you'll actually be able to communicate with a greater deal of implementations of SMB.

2. What information/service does netbios-ssn and microsoft-dsprovide?

*My quick guess is that while netbios-ssn simply provides the NetBIOS API, including NBT (NetBIOS over TCP/IP) via port 139. On the other hand, microsoft-ds provides the direct hostingof SMB via port 445.*
With Windows 2000 Microsoft felt that this can be improved. They added the port 445 for the same service. On port 445 SMB runs directly over TCP. The only difference is that the client skips the NetBIOS session (saves one round trip) then negotiates, authenticates, mounts etc.
Check the properties of your network card. Somewhere in the Advanced IP Settings is a checkbox "Enable NetBIOS over TCP". Activate it and your computer uses port 139. Deactivate the option and the system wants to use 445.
...
  • Port 139: SMB -> NetBIOS -> TCP
  • Port 445: SMB -> .... -> TCP

3. What is the relationship between SMB and NetBIOS; are they seperate, does one rely upon the other?

SMB does rely on NetBIOS for communication with devices that do not support direct hosting of SMB over TCP/IP.
NetBIOS is completely independent from SMB. It is an API that SMB, and other technologies can use, so NetBIOS has no dependency to SMB.

NetBIOS (Network Basic System)

... It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. As strictly an API, NetBIOS is not a networking protocol. ...
... In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results in each computer in the network having both an IP address and a NetBIOS name corresponding to a (possibly different) host name. ...
As you can see, the relationship would be Application -> SMB -> NetBIOS -> (TCP/IP, others).

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.