Snort mailing list archives

Analysis packets headers

From: "Marlene Guimarães Costa" <marlenecosta () zmail pt>
Date: Sat, 14 Dec 2002 13:27:10 +0000

Hi!!

I capture this packet from my network, and I want to know what 
means "type:0x800", "DgmLen:40", "Seq: 0x93B5CA  Ack: 
0x69DA28BA  Win: 0x213B".
and ".............proxy.uminho.pt..............n...proxy.local.c
com..
.-.......s.......-.......s.......3......Q]...serv-
g2.9.l........"



TCP

12/11-19:08:41.728824 0:2:B3:22:4:13 -> 0:2:B3:22:3:DE 
type:0x800 len:0x36
192.168.203.9:1183 -> 207.46.108.66:1863 TCP TTL:128 TOS:0x0 
ID:6926 IpLen:20 DgmLen:40 DF
***A**** Seq: 0x93B5CA  Ack: 0x69DA28BA  Win: 0x213B  TcpLen: 20

UDP
12/11-19:07:21.233793 0:2:B3:22:3:DE -> 0:2:B3:22:4:13 
type:0x800 len:0xB0
192.168.203.254:53 -> 192.168.203.9:1181 UDP TTL:64 TOS:0x0 
ID:0 IpLen:20 DgmLen:162 DF
Len: 142
.............proxy.uminho.pt..............n...proxy.local.ccom..
.-.......s.......-.......s.......3......Q]...serv-g2.9.l........



Can you help me?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Caixa de email GRÁTIS com 100Mb,
acesso por Browser, POP3 ou IMAP4. 
Registe-se já em http://www.zmail.pt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-




-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility 
Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Analysis packets headers Marlene Guimarães Costa (Dec 17)
- <Possible follow-ups>
- Analysis packets headers Marlene Guimarães Costa (Dec 17)