Microsoft opens its protocols

Microsoft made a huge announcement today: they have opened the specifications to most of their core protocols. For guys like us in the protocol and network analysis community, this is huge, *really* huge.

Announcement from Bob Muglia (Senior VP, Servers and Tools at Microsoft)

When sourcing technology solutions, interoperability is among the most critical issues for IT decision makers and developers. At Microsoft, we strive to create software and solutions that follow a principle of ‘interoperability by design.’ As the leading platform developer, it is essential that we participate in stimulating the design and development of new applications with interoperability in mind. Microsoft Protocol Programs are a great example of this principle in action.

 

There seem to be some protocols for which there might be patent issues. I am currently reading the legal page for more. They have “promised” not to pursue their patent claims against open source tools. Wait, this promise seems to be void if the distributor derives revenues in connection with the distribution. Anyway, I sent an email to infodoc@ for clarification.

Unsniff supports the SMB protocol, and we would like to align it with the official spec, since our implementation relies largely on Samba. In addition, we are going to support analyzing RDP (Remote Desktop Protocol). RDP has been notoriously hard to reverse.

I am looking forward to this exercise because:

  • A great opportunity to improve the documentation of our API.
  • We plan to publish the source and involve the community as we proceed.
  • It only takes an XML file to describe even the most complex protocols in Unsniff (look at the SMB.xml or worse at the horrendous H.225/H.245 XML files in your Program Files folder after you install Unsniff). There is no C code to be written.
  • We can develop cool applications on top of the analysis layer using our C++ API.
  • We can generate most sample traffic ourselves instead of relying on customer feedback and fuzzing.

The starting point is this page:

http://msdn2.microsoft.com/en-us/library/cc216517.aspx

So, CIFS and RDP – here we come.

Author: Vivek Rajagopalan

Vivek Rajagopalan is a lead developer for Trisul Network Analytics. Prior products were Unsniff Network Analyzer and Unbrowse SNMP. Loves working with packets, very high speed networks, and helping track down the bad guys on the internet.