Exam 312-50v12 topic 1 question 49 discussion

<03> Messenger service running for the logged-in user. SOURCE: CEH v12 eBook Module 4 Pg 276 Sounds silly but I remember this one by picturing all the "E" and "S" letters in the word MESSENGER as "3"s.

00: Workstation Service (workstation name) 03: Windows Messenger service 06: Remote Access Service 20: File Service (also called Host Record) 21: Remote Access Service client 1B: Domain Master Browser – Primary Domain Controller for a domain 1D: Master Browser

NetBIOS Suffixes 00: Workstation Service (workstation name) 03: Windows Messenger service. 06: Remote Access Service. 20: File Service (also called Host Record) 21: Remote Access Service client. 1B: Domain Master Browser – Primary Domain Controller for a domain. 1D: Master Browser.

03: Windows Messenger service

The NetBIOS code used for obtaining the messenger service running for the logged-in user is: D. <1B> In NetBIOS, service names are represented by NetBIOS codes. The <1B> code corresponds to the Messenger service. By enumerating NetBIOS and identifying the services associated with different codes, an attacker could gather information about the available services on a remote system.

C. <03>

The <03> NetBIOS code is associated with where you can retrieve the messenger service for a logged-in user

B. <20> Explanation: NetBIOS (Network Basic Input/Output System) is a protocol used for communication over a local area network (LAN). It provides services such as name resolution, session establishment, and datagram delivery. When performing enumeration of NetBIOS, different NetBIOS codes can be encountered that represent different services or resources on a remote system. In the given scenario, Allen is targeting the NetBIOS service on port 139 and has found that he can see the resources that can be accessed or viewed on a remote system. To obtain the messenger service running for the logged-in user, he should look for the NetBIOS code <20>, which represents the messenger service.