/tmp/dump/dump02_arp_dns-weather_syn_fin complete-session - Ethereal Page 1


9 0.001967 192.168.1.28 205.156.51.200 TCP 54940 > www [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=743824 TSER=0 WS=7

Frame 9 (74 bytes on wire, 74 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.379181000
    Time delta from previous packet: 0.000131000 seconds
    Time since reference or first frame: 0.001967000 seconds
    Frame Number: 9
    Packet Length: 74 bytes
    Capture Length: 74 bytes
Ethernet II, Src: 00:18:f3:a8:0a:8a, Dst: fe:fd:c0:a8:01:01
    Destination: fe:fd:c0:a8:01:01 (192.168.1.1)
    Source: 00:18:f3:a8:0a:8a (192.168.1.28)
Internet Protocol, Src Addr: 192.168.1.28 (192.168.1.28), Dst Addr: 205.156.51.200 (205.156.51.200)
    Total Length: 60
    Identification: 0xbe3b (48699)
    Flags: 0x04 (Don't Fragment)
        .1.. = Don't fragment: Set
    Time to live: 64
    Header checksum: 0xb957 (correct)
    Source: 192.168.1.28 (192.168.1.28)
    Destination: 205.156.51.200 (205.156.51.200)
Transmission Control Protocol, Src Port: 54940 (54940), Dst Port: www (80), Seq: 0, Ack: 0, Len: 0
    Source port: 54940 (54940)
    Destination port: www (80)
    Sequence number: 0 (relative sequence number)
    Header length: 40 bytes
    Flags: 0x0002 (SYN)
        ...0 .... = Acknowledgment: Not set
        .... ..1. = Syn: Set
    Window size: 5840
    Checksum: 0x1d0b (correct)
    Options: (20 bytes)
        Maximum segment size: 1460 bytes
        SACK permitted
        Time stamp: tsval 743824, tsecr 0
        Window scale: 7 (multiply by 128)

12 0.106995 205.156.51.200 192.168.1.28 TCP www > 54940 [SYN, ACK] Seq=0 Ack=1 Win=65500 Len=0 MSS=512 WS=0 TSV=1170182074 TSER=743824

Frame 12 (74 bytes on wire, 74 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.484209000
    Time delta from previous packet: 0.000327000 seconds
    Time since reference or first frame: 0.106995000 seconds
    Frame Number: 12
    Packet Length: 74 bytes
    Capture Length: 74 bytes
Ethernet II, Src: fe:fd:c0:a8:01:01, Dst: 00:18:f3:a8:0a:8a
    Destination: 00:18:f3:a8:0a:8a (192.168.1.28)
    Source: fe:fd:c0:a8:01:01 (192.168.1.1)
Internet Protocol, Src Addr: 205.156.51.200 (205.156.51.200), Dst Addr: 192.168.1.28 (192.168.1.28)
    Total Length: 60
    Identification: 0x79c4 (31172)
    Flags: 0x00
        .0.. = Don't fragment: Not set
    Time to live: 43
    Header checksum: 0x52cf (correct)
    Source: 205.156.51.200 (205.156.51.200)
    Destination: 192.168.1.28 (192.168.1.28)
Transmission Control Protocol, Src Port: www (80), Dst Port: 54940 (54940), Seq: 0, Ack: 1, Len: 0
    Source port: www (80)
    Destination port: 54940 (54940)
    Sequence number: 0 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Header length: 40 bytes
    Flags: 0x0012 (SYN, ACK)
        .... ..1. = Syn: Set
    Window size: 65500
    Checksum: 0x94af (correct)
    Options: (20 bytes)
        Maximum segment size: 512 bytes
        Window scale: 0 (multiply by 1)
        Time stamp: tsval 1170182074, tsecr 743824
    This is an ACK to the segment in frame: 9
    The RTT to ACK the segment was: 0.105028000 seconds

13 0.107026 192.168.1.28 205.156.51.200 TCP 54940 > www [ACK] Seq=1 Ack=1 Win=5888 Len=0 TSV=743850 TSER=1170182074

Frame 13 (66 bytes on wire, 66 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.484240000
    Time delta from previous packet: 0.000031000 seconds
    Time since reference or first frame: 0.107026000 seconds
    Frame Number: 13
    Packet Length: 66 bytes
    Capture Length: 66 bytes
Ethernet II, Src: 00:18:f3:a8:0a:8a, Dst: fe:fd:c0:a8:01:01
    Destination: fe:fd:c0:a8:01:01 (192.168.1.1)
    Source: 00:18:f3:a8:0a:8a (192.168.1.28)
Internet Protocol, Src Addr: 192.168.1.28 (192.168.1.28), Dst Addr: 205.156.51.200 (205.156.51.200)
    Total Length: 52
    Identification: 0xbe3c (48700)
    Flags: 0x04 (Don't Fragment)
        .1.. = Don't fragment: Set
    Time to live: 64
    Header checksum: 0xb95e (correct)
    Source: 192.168.1.28 (192.168.1.28)
    Destination: 205.156.51.200 (205.156.51.200)
Transmission Control Protocol, Src Port: 54940 (54940), Dst Port: www (80), Seq: 1, Ack: 1, Len: 0
    Source port: 54940 (54940)
    Destination port: www (80)
    Sequence number: 1 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Flags: 0x0010 (ACK)
    Window size: 5888 (scaled)
    Checksum: 0xbc54 (correct)
    Time stamp: tsval 743850, tsecr 1170182074
    This is an ACK to the segment in frame: 12
    The RTT to ACK the segment was: 0.000031000 seconds

14 0.107221 192.168.1.28 205.156.51.200 HTTP GET /pub/data/observations/metar/stations/edny.txt HTTP/1.1

Frame 14 (448 bytes on wire, 448 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.484435000
    Time delta from previous packet: 0.000195000 seconds
    Time since reference or first frame: 0.107221000 seconds
    Frame Number: 14
    Packet Length: 448 bytes
    Capture Length: 448 bytes
    :http
Ethernet II, Src: 00:18:f3:a8:0a:8a, Dst: fe:fd:c0:a8:01:01
    Destination: fe:fd:c0:a8:01:01 (192.168.1.1)
    Source: 00:18:f3:a8:0a:8a (192.168.1.28)
Internet Protocol, Src Addr: 192.168.1.28 (192.168.1.28), Dst Addr: 205.156.51.200 (205.156.51.200)
    Total Length: 434
    Identification: 0xbe3d (48701)
    Flags: 0x04 (Don't Fragment)
        .1.. = Don't fragment: Set
    Time to live: 64
    Header checksum: 0xb7df (correct)
    Source: 192.168.1.28 (192.168.1.28)
    Destination: 205.156.51.200 (205.156.51.200)
Transmission Control Protocol, Src Port: 54940 (54940), Dst Port: www (80), Seq: 1, Ack: 1, Len: 382
    Source port: 54940 (54940)
    Destination port: www (80)
    Sequence number: 1 (relative sequence number)
    Next sequence number: 383 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Flags: 0x0018 (PSH, ACK)
        .... 1... = Push: Set
    Window size: 5888 (scaled)
    Checksum: 0x468b (correct)
    Time stamp: tsval 743850, tsecr 1170182074
Hypertext Transfer Protocol
    GET /pub/data/observations/metar/stations/edny.txt HTTP/1.1\r\n
        Request Method: GET
        Request URI: /pub/data/observations/metar/stations/edny.txt
        Request Version: HTTP/1.1
    User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Debian)\r\n
    Pragma: no-cache\r\n
    Cache-control: no-cache\r\n
    Accept: text/html, image/jpeg, image/png, text/*, image/*, */*\r\n
    Accept-Charset: utf-8, utf-8;q=0.5, *;q=0.5\r\n
    Accept-Language: de, en\r\n
    Host: weather.noaa.gov\r\n
    Connection: Keep-Alive\r\n
    \r\n


15 0.224373 205.156.51.200 192.168.1.28 HTTP HTTP/1.1 200 OK (text/plain)

Frame 15 (416 bytes on wire, 416 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.601587000
    Time delta from previous packet: 0.117152000 seconds
    Time since reference or first frame: 0.224373000 seconds
    Frame Number: 15
    Packet Length: 416 bytes
    Capture Length: 416 bytes
    :http:data-text-lines
Ethernet II, Src: fe:fd:c0:a8:01:01, Dst: 00:18:f3:a8:0a:8a
    Destination: 00:18:f3:a8:0a:8a (192.168.1.28)
    Source: fe:fd:c0:a8:01:01 (192.168.1.1)
Internet Protocol, Src Addr: 205.156.51.200 (205.156.51.200), Dst Addr: 192.168.1.28 (192.168.1.28)
    Total Length: 402
    Identification: 0x7b08 (31496)
    Flags: 0x00
        .0.. = Don't fragment: Not set
    Time to live: 43
    Header checksum: 0x5035 (correct)
    Source: 205.156.51.200 (205.156.51.200)
    Destination: 192.168.1.28 (192.168.1.28)
Transmission Control Protocol, Src Port: www (80), Dst Port: 54940 (54940), Seq: 1, Ack: 383, Len: 350
    Source port: www (80)
    Destination port: 54940 (54940)
    Sequence number: 1 (relative sequence number)
    Next sequence number: 351 (relative sequence number)
    Acknowledgement number: 383 (relative ack number)
    Flags: 0x0018 (PSH, ACK)
        .... 1... = Push: Set
    Window size: 65500
    Checksum: 0x01a0 (correct)
    Time stamp: tsval 1170182074, tsecr 743850
    This is an ACK to the segment in frame: 14
    The RTT to ACK the segment was: 0.117152000 seconds
Hypertext Transfer Protocol
    HTTP/1.1 200 OK\r\n
        Request Version: HTTP/1.1
        Response Code: 200
    Date: Sun, 21 Jan 2007 11:24:00 GMT\r\n
    Server: Apache/1.3.27 (Unix) mod_perl/1.27\r\n
    Last-Modified: Sun, 21 Jan 2007 11:12:46 GMT\r\n
    ETag: "1ae1610-58-45b34aae"\r\n
    Accept-Ranges: bytes\r\n
    Content-Length: 88\r\n
    Connection: close\r\n
    Content-Type: text/plain\r\n
    \r\n

Line-based text data: text/plain
    2007/01/21 10:50
    EDNY 211050Z 25021KT 230V290 9999 FEW025 BKN070 07/01 Q1019 RMK ATIS H

16 0.224389 192.168.1.28 205.156.51.200 TCP 54940 > www [ACK] Seq=383 Ack=351 Win=6912 Len=0 TSV=743879 TSER=1170182074

Frame 16 (66 bytes on wire, 66 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.601603000
    Time delta from previous packet: 0.000016000 seconds
    Time since reference or first frame: 0.224389000 seconds
    Frame Number: 16
    Packet Length: 66 bytes
    Capture Length: 66 bytes
Ethernet II, Src: 00:18:f3:a8:0a:8a, Dst: fe:fd:c0:a8:01:01
    Destination: fe:fd:c0:a8:01:01 (192.168.1.1)
    Source: 00:18:f3:a8:0a:8a (192.168.1.28)
Internet Protocol, Src Addr: 192.168.1.28 (192.168.1.28), Dst Addr: 205.156.51.200 (205.156.51.200)
    Total Length: 52
    Identification: 0xbe3e (48702)
    Flags: 0x04 (Don't Fragment)
        .1.. = Don't fragment: Set
    Time to live: 64
    Header checksum: 0xb95c (correct)
    Source: 192.168.1.28 (192.168.1.28)
    Destination: 205.156.51.200 (205.156.51.200)
Transmission Control Protocol, Src Port: 54940 (54940), Dst Port: www (80), Seq: 383, Ack: 351, Len: 0
    Source port: 54940 (54940)
    Destination port: www (80)
    Sequence number: 383 (relative sequence number)
    Acknowledgement number: 351 (relative ack number)
    Flags: 0x0010 (ACK)
    Window size: 6912 (scaled)
    Checksum: 0xb953 (correct)
    Time stamp: tsval 743879, tsecr 1170182074
    This is an ACK to the segment in frame: 15
    The RTT to ACK the segment was: 0.000016000 seconds

17 0.224645 205.156.51.200 192.168.1.28 TCP www > 54940 [FIN, ACK] Seq=351 Ack=383 Win=65500 Len=0 TSV=1170182074 TSER=743850

Frame 17 (66 bytes on wire, 66 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.601859000
    Time delta from previous packet: 0.000256000 seconds
    Time since reference or first frame: 0.224645000 seconds
    Frame Number: 17
    Packet Length: 66 bytes
    Capture Length: 66 bytes
Ethernet II, Src: fe:fd:c0:a8:01:01, Dst: 00:18:f3:a8:0a:8a
    Destination: 00:18:f3:a8:0a:8a (192.168.1.28)
    Source: fe:fd:c0:a8:01:01 (192.168.1.1)
Internet Protocol, Src Addr: 205.156.51.200 (205.156.51.200), Dst Addr: 192.168.1.28 (192.168.1.28)
    Total Length: 52
    Identification: 0x7b0b (31499)
    Flags: 0x00
        .0.. = Don't fragment: Not set
    Time to live: 43
    Header checksum: 0x5190 (correct)
    Source: 205.156.51.200 (205.156.51.200)
    Destination: 192.168.1.28 (192.168.1.28)
Transmission Control Protocol, Src Port: www (80), Dst Port: 54940 (54940), Seq: 351, Ack: 383, Len: 0
    Source port: www (80)
    Destination port: 54940 (54940)
    Sequence number: 351 (relative sequence number)
    Acknowledgement number: 383 (relative ack number)
    Flags: 0x0011 (FIN, ACK)
        .... ...1 = Fin: Set
    Window size: 65500
    Checksum: 0xb9c8 (correct)
    Time stamp: tsval 1170182074, tsecr 743850

18 0.226029 192.168.1.28 205.156.51.200 TCP 54940 > www [FIN, ACK] Seq=383 Ack=352 Win=6912 Len=0 TSV=743880 TSER=1170182074

Frame 18 (66 bytes on wire, 66 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.603243000
    Time delta from previous packet: 0.001384000 seconds
    Time since reference or first frame: 0.226029000 seconds
    Frame Number: 18
    Packet Length: 66 bytes
    Capture Length: 66 bytes
Ethernet II, Src: 00:18:f3:a8:0a:8a, Dst: fe:fd:c0:a8:01:01
    Destination: fe:fd:c0:a8:01:01 (192.168.1.1)
    Source: 00:18:f3:a8:0a:8a (192.168.1.28)
Internet Protocol, Src Addr: 192.168.1.28 (192.168.1.28), Dst Addr: 205.156.51.200 (205.156.51.200)
    Total Length: 52
    Identification: 0xbe3f (48703)
    Flags: 0x04 (Don't Fragment)
        .1.. = Don't fragment: Set
    Time to live: 64
    Header checksum: 0xb95b (correct)
    Source: 192.168.1.28 (192.168.1.28)
    Destination: 205.156.51.200 (205.156.51.200)
Transmission Control Protocol, Src Port: 54940 (54940), Dst Port: www (80), Seq: 383, Ack: 352, Len: 0
    Source port: 54940 (54940)
    Destination port: www (80)
    Sequence number: 383 (relative sequence number)
    Acknowledgement number: 352 (relative ack number)
    Flags: 0x0011 (FIN, ACK)
        .... ...1 = Fin: Set
    Window size: 6912 (scaled)
    Checksum: 0xb950 (correct)
    Time stamp: tsval 743880, tsecr 1170182074
    This is an ACK to the segment in frame: 17
    The RTT to ACK the segment was: 0.001384000 seconds

19 0.328970 205.156.51.200 192.168.1.28 TCP www > 54940 [ACK] Seq=352 Ack=384 Win=65500 Len=0 TSV=1170182075 TSER=743880

Frame 19 (66 bytes on wire, 66 bytes captured)
    Arrival Time: Jan 21, 2007 12:24:02.706184000
    Time delta from previous packet: 0.102941000 seconds
    Time since reference or first frame: 0.328970000 seconds
    Frame Number: 19
    Packet Length: 66 bytes
    Capture Length: 66 bytes
Ethernet II, Src: fe:fd:c0:a8:01:01, Dst: 00:18:f3:a8:0a:8a
    Destination: 00:18:f3:a8:0a:8a (192.168.1.28)
    Source: fe:fd:c0:a8:01:01 (192.168.1.1)
Internet Protocol, Src Addr: 205.156.51.200 (205.156.51.200), Dst Addr: 192.168.1.28 (192.168.1.28)
    Total Length: 52
    Identification: 0x7bb7 (31671)
    Flags: 0x00
        .0.. = Don't fragment: Not set
    Time to live: 43
    Header checksum: 0x50e4 (correct)
    Source: 205.156.51.200 (205.156.51.200)
    Destination: 192.168.1.28 (192.168.1.28)
Transmission Control Protocol, Src Port: www (80), Dst Port: 54940 (54940), Seq: 352, Ack: 384, Len: 0
    Source port: www (80)
    Destination port: 54940 (54940)
    Sequence number: 352 (relative sequence number)
    Acknowledgement number: 384 (relative ack number)
    Flags: 0x0010 (ACK)
    Window size: 65500
    Checksum: 0xb9a8 (correct)
    Time stamp: tsval 1170182075, tsecr 743880
    This is an ACK to the segment in frame: 18
    The RTT to ACK the segment was: 0.102941000 seconds