Hi,
I am a newbie to Wireshark, currently using Wireshark troubleshooting
a cifs performance issue. I got some insteresting output from
Wireshark,
No. Time Source Destination Protocol Info
23 0.027344 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}:$DATA
24 0.027344 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
25 0.027344 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:\005SummaryInformation:$DATA
26 0.027344 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
27 0.027344 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:Docf_\005SummaryInformation:$DATA
28 0.027344 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
29 0.031250 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:\005SummaryInformation:$DATA
30 0.031250 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
31 0.031250 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:Docf_\005SummaryInformation:$DATA
32 0.031250 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
33 0.031250 152.62.34.59 10.32.33.99 SMB
NT Create AndX Request, Path:
\rexhuang\a:\005SummaryInformation:$DATA
34 0.031250 10.32.33.99 152.62.34.59 SMB
NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
152.62.34.59 is client IP, 10.32.33.99 is a cifs server.
My question is I dont have any such special file or directory under
\rexhuang\, why the client send out such CreateAndX request?
Any input will be appreciated.
/zuoheng