I am trying to successfully make my Linux machine communicate with my
Windows machine over DCE RPC over UDP. The Windows machine is the
server.
I have been using a packet sniffer to monitor communication between my
Windows computer and another Windows machine to try to understand the
protocol, and I think I have the problem mostly figured out. Here's
what I've got so far:
- I send a packet (#1) to the initial port 135. It's a UDP packet with
a DCE RPC header marked as a request (type 0x00) with a random
activity id <actid#1> and containing the correct stub data. The src
port <port#1> is OS-chosen.
- I receive a packet (#2) of type request (0x00) (a "who_are_you"
packet) with activity id <actid#2> with src port <port#2> and dest
port <port#1>
- I send out a packet (#3) of type response (0x02) (a "who_are_you2"
packet) with activity id <actid#2> to dest port <port#2> and src port
<port#1>
I get no acknowledgement to packet #3. The packet is almost identical
to the packet that I monitored with the packet sniffer, except for the
ports involved, the activity ID is different, and the CAS UUID.
Everything else about packet #3 is identical (at least down to the UDP
level).
I really don't understand the significance of the CAS UUID, or whether
it might be preventing the server (the Windows computer) from properly
acknowledging my response. I also don't know about the Interface
number, but just copied it from the Windows packets because those
seemed to always be the same. A lot of the other fields I only have a
vague understanding of, but they were consistent for the
Windows-Windows communication so I just copied them. For example, the
sequence numbers are all zero in the monitored conversation, so I set
them zero for my attempt.
I never get an ACK for #3, just more packets like #2 (except with an
incremented serial low field).
If someone could help me properly (and reliably) communicate with this
protocol I would really appreciate it.
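
Added example, not part of the original post: a decoder for the 80-byte DCE RPC connectionless (datagram) PDU header, following the DCE 1.1 RPC layout, with a field-by-field diff so a hand-built packet can be compared against a sniffed one. The sample packets and the `build_sample` helper are constructed for illustration and are not taken from a real capture.

```python
import struct
import uuid

HEADER_LEN = 80  # fixed size of the connectionless PDU header
PTYPES = {0: "request", 1: "ping", 2: "response", 3: "fault", 4: "working",
          5: "nocall", 6: "reject", 7: "ack", 8: "cl_cancel", 9: "fack",
          10: "cancel_ack"}

def parse_cl_header(data):
    """Decode the 80-byte DCE RPC connectionless header into a dict."""
    if len(data) < HEADER_LEN:
        raise ValueError("short PDU: %d bytes" % len(data))
    if data[0] != 4:
        raise ValueError("rpc_vers is %d, expected 4" % data[0])
    little = (data[4] >> 4) == 1  # drep[0] high nibble: 1 = little-endian
    e = "<" if little else ">"
    def u(off):  # UUIDs follow the sender's integer byte order
        raw = bytes(data[off:off + 16])
        return uuid.UUID(bytes_le=raw) if little else uuid.UUID(bytes=raw)
    boot, if_vers, seqnum, opnum, ihint, ahint, body_len, fragnum = \
        struct.unpack_from(e + "IIIHHHHH", data, 56)
    return {
        "ptype": PTYPES.get(data[1], hex(data[1])),
        "flags1": data[2], "flags2": data[3],
        "serial": (data[7] << 8) | data[79],  # serial_hi, serial_lo
        "object": u(8), "if_id": u(24), "act_id": u(40),
        "server_boot": boot, "if_vers": if_vers, "seqnum": seqnum,
        "opnum": opnum, "ihint": ihint, "ahint": ahint,
        "len": body_len, "fragnum": fragnum, "auth_proto": data[78],
    }

def diff_headers(a, b):
    """Return {field: (a_value, b_value)} for header fields that differ."""
    ha, hb = parse_cl_header(a), parse_cl_header(b)
    return {k: (ha[k], hb[k]) for k in ha if ha[k] != hb[k]}

def build_sample(ptype, act_id, serial_lo, boot):
    """Constructed little-endian header for the demo; not a real capture."""
    hdr = bytes([4, ptype, 0, 0, 0x10, 0, 0, 0])
    hdr += bytes(16) + bytes(16) + act_id.bytes_le  # object, if_id, act_id
    hdr += struct.pack("<IIIHHHHH", boot, 3, 0, 1, 0xFFFF, 0xFFFF, 0, 0)
    return hdr + bytes([0, serial_lo])  # auth_proto, serial_lo

if __name__ == "__main__":
    act = uuid.UUID("11111111-2222-3333-4444-555555555555")  # constructed
    first = build_sample(0, act, 0, 0x5F000000)
    retry = build_sample(0, act, 1, 0x5F000000)
    print(diff_headers(first, retry))
```

Feed it the UDP payload bytes of the sniffed packet and of the hand-built one; the diff covers every header field, including ones such as `server_boot` and `flags1` that are easy to miss when comparing hex dumps by eye.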