Analysis of the Security of Windows NT
1 March 1999
4. Networking
To meet the expected market requirements for the 1990s, one of the primary goals was
to add network capabilities to the NT operating system. The communication architecture,
however, is not a new one. Many of the ideas are derived from a product called
Microsoft Network, or MS-NET for short, which was announced with MS-DOS 3.1 in
1984. The ideas were later carried over into LAN Manager, and now into NT [3]. Still,
there is a great difference between the latter two. LAN Manager consists of a set of
applications and drivers that add networking capabilities to an existing operating system,
e.g. MS-DOS or OS/2. In NT, however, the communication architecture has been
integrated with the operating system.
The key components in NT's network architecture are the redirector and the network
server. The former is triggered when a user, or application, on a client machine
requests a file on a remote machine. In such a case, the redirector will receive the request
and forward it to the remote machine. The network server resides on a remote computer,
awaiting requests from network redirectors. The protocol used between redirectors
and network servers is by default based on Server Message Block (SMB) (see
section 4.5), which was originally one of the pieces in MS-NET (see Figure 3). SMB is a
high-level specification for formatting messages that are to be sent over the network.
Choosing the existing SMB protocol gives interoperability with the old systems.
FIGURE 3. Communication between a network redirector and a network server
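
As an added illustration (not code from the original report), the sketch below parses the fixed 32-byte header that begins an SMB message in the classic dialect and uses the reply flag to tell whether the message came from a redirector or from a network server. The header layout and command codes are taken from the public CIFS specification rather than from this page, and the sample messages are constructed, not captured.

```python
import struct

# SMB header: 32 bytes, little-endian (layout assumed from the public CIFS spec).
SMB1_HEADER = struct.Struct("<4sBIBHH8sHHHHH")
SMB1_MAGIC = b"\xffSMB"
SMB_FLAGS_REPLY = 0x80  # set by the network server on responses

# A few well-known command codes (not exhaustive).
COMMANDS = {
    0x72: "NEGOTIATE",
    0x73: "SESSION_SETUP_ANDX",
    0x75: "TREE_CONNECT_ANDX",
    0xA2: "NT_CREATE_ANDX",
    0x2E: "READ_ANDX",
}


def parse_smb1_header(message: bytes) -> dict:
    """Parse the fixed SMB header; raise ValueError on malformed input."""
    if len(message) < SMB1_HEADER.size:
        raise ValueError("truncated: SMB header needs 32 bytes")
    (magic, command, status, flags, _flags2, pid_high,
     _signature, _reserved, tid, pid_low, uid, mid) = SMB1_HEADER.unpack_from(message)
    if magic != SMB1_MAGIC:
        raise ValueError("not an SMB message (bad protocol identifier)")
    return {
        "command": COMMANDS.get(command, f"0x{command:02X}"),
        # Requests originate at the redirector, replies at the network server.
        "sender": "server" if flags & SMB_FLAGS_REPLY else "redirector",
        "status": status,
        "tid": tid,   # tree (share) identifier
        "uid": uid,   # authenticated session identifier
        "mid": mid,   # multiplex id, pairs a reply with its request
        "pid": (pid_high << 16) | pid_low,
    }


def build_sample(command: int, flags: int, tid: int, uid: int, mid: int) -> bytes:
    """Build a header-only sample message (constructed data, not a capture)."""
    return SMB1_HEADER.pack(SMB1_MAGIC, command, 0, flags, 0, 0,
                            b"\x00" * 8, 0, tid, 0xFEFF, uid, mid)


if __name__ == "__main__":
    request = build_sample(0x75, 0x18, tid=0, uid=0x0800, mid=1)
    reply = build_sample(0x75, 0x98, tid=0x0801, uid=0x0800, mid=1)
    for msg in (request, reply):
        print(parse_smb1_header(msg))
```
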
Both the redirector and the network server are implemented as file system drivers, and
can thus be loaded or unloaded from the system at any time. This implies that they may
be replaced with other components, e.g. an NFS client and server. Normally, there is at
least one redirector and one network server loaded on an NT system.
As mentioned above, one of NT's primary goals was to add network capabilities to the
base operating system. Another primary goal was to fulfil the C2 requirements. These
two, however, cannot be achieved at the same time, since the Trusted Computer System
Evaluation Criteria [65] assume a standalone computer. In [43], NCSC expresses this
very clearly. Still, this fact has sometimes been misunderstood, see for example [44],
where the authors claim that even the networking part is C2 compliant.
[Figure 3 diagram labels: User mode, Kernel mode, Redirector; User mode, Kernel mode, Server; SMB; Transmission medium]