//Parse User name and domain name
        //check are they both 0 length? if yes, set a flag in conversation data that indicates null credentials
        public static bool AreTheCredentialsNull(FrameData fd)
        {
            if (fd.payload == null)
            {
                return(false);
            }

            // does not matter if the frame is fragmented. What we want - the length fields - are right near the beginning of the payload - just 36 bytes into it
            TDSReader ByteReader = new TDSReader(fd.payload, 0, -1, fd.payloadLength);

            ByteReader.ReadBytes(8);                          // TDS header
            ByteReader.ReadBytes(8);                          // Skip NTLMSSP string.
            ByteReader.ReadBytes(4);                          // Skip Message type
            ByteReader.ReadBytes(8);                          // Skip LmChallengeResponseFields - 8 bytes expected
            ByteReader.ReadBytes(8);                          // Skip NtChallengeResponseFields - 8 bytes expected
            short DomainNameLen = ByteReader.ReadInt16();     // Read DomainNameFields->Length - 2 bytes

            ByteReader.ReadBytes(2);                          // Skip DomainNameFields->MaximumLength - 2 bytes - to be ignored per the spec
            int   DomainNameOffSet = ByteReader.ReadInt32();  // Read DomainNameFields->BufferOffset - 4 bytes
            short UserNameLen      = ByteReader.ReadInt16();  // Read UserNameFields-Length

            ByteReader.ReadBytes(2);                          // Skip UserNameFields-MaximumLength  - 2 bytes - to be ignored per the spec
            int UserNameOffSet = (int)ByteReader.ReadInt16(); // Read UserNameFields-BufferOffset

            if (UserNameLen > 0 && DomainNameLen > 0)
            {
                return(false);
            }

            return(true); // user name or domain name are null
        }
 public void Read(TDSReader r)
 {
     Status = r.ReadInt32();
 }