Ethereal-users: Re: [Ethereal-users] Catching of NT Messaging port?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Fri, 24 May 2002 13:03:37 -0700
On Fri, May 24, 2002 at 09:46:17AM +0500, dear demo wrote:
> Hello there.
> 
> I want to ask about these questions.
> 
> ===============
> Problem Context
> ===============
> We are using NT 4.0 based Server and client networking. Workstations have
> either NT workstation or Win98 workstation. Any two workstations are
> messaging with each other using either NET SEND or Winpopup utilities.
> 
> 1-  Can server watch or store or read messages of those two clients.

Not unless it's running a packet sniffer *and* it can see traffic that's
not broadcast or multicast and not sent to or from it - which might not
be the case on, for example, a switched network, or a network with a
dual-speed hub:

	http://www.ethereal.com/faq.html#q4.1

> 2-  Is there any utility available in the world that can read messages of 
> two clients.

If you mean "read messages of two clients when the utility isn't running
on either of those two clients", they're called "packet sniffers" or
"network analyzers", and one such utility is called "Ethereal".  Others
have names such as "tcpdump":

	http://www.tcpdump.org/

on UNIX or "WinDump":

	http://windump.polito.it/

on Windows (WinDump is a port of tcpdump to Windows), or "Sniffer":

	http://www.sniffer.com/

or "EtherPeek":

	http://www.wildpackets.com/

and so on.

> 3-  What type of Services are used while messaging i.e., TCP/IP, UDP, ICMP or 
> any other.

TCP/IP, if you're using NetBIOS-over-TCP/IP for SMB/CIFS traffic;
otherwise, it might be NetBEUI Frame over IEEE 802.2, or
NetBIOS-over-IPX, or any of the other protocols over which NetBIOS can
run.

In the NetBIOS-over-TCP/IP case, the machine sending the message opens a
TCP connection to the NetBIOS Session Service port (or perhaps the CIFS
port) on the machine to which the message is being sent, and sends an
SMB request.

> 4-  What is the exact port number used for this purposes.

The NetBIOS-over-TCP Session Service port is TCP port 139.

The CIFS port is TCP port 445.
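
The framing described in the reply above, as an added example that is not part of the original post: a Python sketch that takes a TCP payload seen on port 139 or 445, parses the 4-byte session header and reports whether an SMB request follows. The function name, the constructed sample bytes and the SMB command value 0xD0 (SMB_COM_SEND_MESSAGE in the CIFS specification) are assumptions not stated in the post.

```python
NBSS_PORT = 139  # NetBIOS-over-TCP Session Service port (from the post)
CIFS_PORT = 445  # CIFS port (from the post)
SMB_MAGIC = b"\xffSMB"
SMB_COM_SEND_MESSAGE = 0xD0  # assumption: single-block message command, per the CIFS spec

# Session Service packet types from RFC 1002, section 4.3.1
NBSS_TYPES = {
    0x00: "session message",
    0x81: "session request",
    0x82: "positive session response",
    0x83: "negative session response",
    0x84: "retarget session response",
    0x85: "session keep alive",
}


def classify(port, payload):
    """Describe the first framed message in a TCP payload on port 139 or 445."""
    if port not in (NBSS_PORT, CIFS_PORT):
        return {"transport": None}
    info = {"transport": "nbss" if port == NBSS_PORT else "direct-tcp"}
    if len(payload) < 4:
        info["error"] = "truncated header"
        return info
    msg_type = payload[0]
    length = int.from_bytes(payload[1:4], "big")
    if port == NBSS_PORT:
        # RFC 1002: 8 flag bits then 16 length bits; the low flag bit
        # extends the length to 17 bits.
        length &= 0x1FFFF
    info["type"] = NBSS_TYPES.get(msg_type, "unknown 0x%02x" % msg_type)
    info["length"] = length
    body = payload[4:4 + length]
    info["complete"] = len(body) == length
    # Only a session message (type 0x00) carries an SMB header.
    if msg_type == 0x00 and body[:4] == SMB_MAGIC and len(body) >= 5:
        info["smb_command"] = body[4]
        info["is_send_message"] = body[4] == SMB_COM_SEND_MESSAGE
    return info


# Constructed sample: 32-byte SMB header with command 0xD0, framed for port 139.
SAMPLE_SMB = SMB_MAGIC + bytes([SMB_COM_SEND_MESSAGE]) + bytes(27)
SAMPLE_FRAME = b"\x00" + len(SAMPLE_SMB).to_bytes(3, "big") + SAMPLE_SMB

if __name__ == "__main__":
    print(classify(NBSS_PORT, SAMPLE_FRAME))
```
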