[Snort-users] Analysis packets headers

Marlene Guimarães Costa marlenecosta at ...7784...
Tue Dec 17 07:43:03 EST 2002


Hi!!

I capture this packet from my network, and I want to know what 
means "type:0x800", "DgmLen:40", "Seq: 0x93B5CA  Ack: 
0x69DA28BA  Win: 0x213B".
and ".............proxy.uminho.pt..............n...proxy.local.c
com..
.-.......s.......-.......s.......3......Q]...serv-
g2.9.l........"



TCP

12/11-19:08:41.728824 0:2:B3:22:4:13 -> 0:2:B3:22:3:DE 
type:0x800 len:0x36
192.168.203.9:1183 -> 207.46.108.66:1863 TCP TTL:128 TOS:0x0 
ID:6926 IpLen:20 DgmLen:40 DF
***A**** Seq: 0x93B5CA  Ack: 0x69DA28BA  Win: 0x213B  TcpLen: 20

UDP
12/11-19:07:21.233793 0:2:B3:22:3:DE -> 0:2:B3:22:4:13 
type:0x800 len:0xB0
192.168.203.254:53 -> 192.168.203.9:1181 UDP TTL:64 TOS:0x0 
ID:0 IpLen:20 DgmLen:162 DF
Len: 142
.............proxy.uminho.pt..............n...proxy.local.ccom..
.-.......s.......-.......s.......3......Q]...serv-g2.9.l........



Can you help me?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Caixa de email GR�TIS com 100Mb,
acesso por Browser, POP3 ou IMAP4. 
Registe-se j� em http://www.zmail.pt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-






More information about the Snort-users mailing list