Wireshark mailing list archives

Re: Track a packet in source & destination end sniffer captures


From: samarjit das <samar.jeet82 () gmail com>
Date: Thu, 1 Sep 2011 15:34:00 +0530

Hi

No NAT is being done, and there is no load balancing or firewall in the path.



On Thu, Sep 1, 2011 at 3:15 PM, Sake Blok <sake () euronet nl> wrote:

On 1 sep 2011, at 11:14, samarjit das wrote:

I have taken sniffer captures at both ends (source & destination) of the
communication, but how can I track a single packet on both sides of the
capture? Is there any unique # tagged into the packet from which it can be
identified that this is the packet reaching the destination-side capture
which was sent by the source?

That depends on the devices that are in the path. Is there NAT being done
or loadbalancing or maybe a firewall with some sanitization?

Things you might be able to match packets by:

- src-ip,dst-ip,tcp-srcport,tcp-dstport,tcp-sequence tuple (of course a
quick search on the tcp sequence number also works most of the time)
- src-ip,dst-ip,ip-id tuple (a search on ip-id will also work, but might
give you quite a few false positives as it is a 16-bit value)
- Some part of the payload data may be good to search for

The right-click option "copy as filter" comes in handy in these cases,
combined with "Find packet (the display filter option)"

Good luck,
Cheers,

Sake

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

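
Added example (not part of the original thread or of Wireshark): a Python sketch that correlates two captures by the two header tuples listed in the reply above, showing that the TCP tuple gives one candidate per packet while the 16-bit IP ID can give several. The function names, addresses and packets are constructed for illustration; packets are raw IPv4 bytes, and no NAT is assumed.

```python
import struct
from collections import defaultdict
from ipaddress import IPv4Address

TCP_KEY = ("src", "dst", "sport", "dport", "seq")   # first tuple from the thread
IPID_KEY = ("src", "dst", "ip_id")                  # second tuple from the thread

def build(src, dst, ip_id, sport, dport, seq, payload=b""):
    """Construct a raw IPv4+TCP packet for the sample data (checksums left zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), ip_id, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return ip + tcp

def fields(pkt):
    """Extract the header fields used for matching from a raw IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4                        # IP header length in bytes
    f = {"src": str(IPv4Address(pkt[12:16])), "dst": str(IPv4Address(pkt[16:20]))}
    f["ip_id"], = struct.unpack_from("!H", pkt, 4)
    if pkt[9] == 6:                                  # TCP: ports and sequence number
        f["sport"], f["dport"], f["seq"] = struct.unpack_from("!HHI", pkt, ihl)
    return f

def correlate(src_cap, dst_cap, key):
    """For each source-capture index, list destination-capture indexes with the same key."""
    def key_of(pkt):
        f = fields(pkt)
        return tuple(f[k] for k in key) if all(k in f for k in key) else None
    index = defaultdict(list)
    for j, pkt in enumerate(dst_cap):
        index[key_of(pkt)].append(j)
    index.pop(None, None)        # packets lacking a key field (e.g. non-TCP) never match
    return {i: index.get(key_of(pkt), []) for i, pkt in enumerate(src_cap)}

# Constructed sample captures (documentation address ranges), one list per capture point.
A, B = "192.0.2.10", "198.51.100.20"
SRC_CAP = [build(A, B, 100, 40000, 80, 1000, b"GET /"),
           build(A, B, 101, 40000, 80, 1005, b"more"),
           build(A, B, 102, 40000, 80, 1009, b"lost")]   # never reaches the destination
DST_CAP = [build(A, B, 101, 40001, 80, 7777, b"old"),    # other flow, same IP ID after wrap
           build(A, B, 100, 40000, 80, 1000, b"GET /"),
           build(A, B, 101, 40000, 80, 1005, b"more")]

if __name__ == "__main__":
    for name, key in (("tcp tuple", TCP_KEY), ("ip-id tuple", IPID_KEY)):
        print(name, correlate(SRC_CAP, DST_CAP, key))
```

An empty list means the packet was not seen at the destination; more than one index means the key alone is ambiguous and a second field is needed to pick the right packet.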
