Implementation of DCERPC protocol

[rahul sharma <rahulatgslab () gmail com>]

Hi All,

I was studying about MSRPC where I encountered some doubts about
MSRPC(implementation of DCERPC). I am listing them here. If you could help
me, then I would be really thankful to you. My doubts are as follows:-

1> What does the Byte order to be Little Endian specify?

2> Port and IP information are exchanged in Protocol Towers and at location
4 and 4 respectively in a MAP response. Actually I found out one Response
packet which returned 2 Towers and both containing different port. So want
to know why is this? How can I come to know which port is going to be used
by the requesting client??  Other than the "C706" manual, if you have some
other paper which explains MSRPC(DCERPC) in a better way, then do share
with me. I would be really thankful to you.

Thanks and Regards
Rahul Sharma

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe