Monday 1 August 2011


Packet Header Analysis

  • PRABH KARAN SINGH
  • The following are easy-to-analyze ICMP, TCP and UDP packet headers, each with a short description.
    All header drawings by "Matt Baxter" (www.fatpipe.org/~mjb/Drawings/)



    ICMP-Header

    ICMP Message Types :- ICMP message type-code/name format
    0 Echo Reply
    3 Destination Unreachable
    4 Source Quench
    5 Redirect
    8 Echo
    11 Time Exceeded
    12 Parameter Problem
    13 Timestamp
    14 Timestamp Reply
    15 Information Request
    16 Information Reply

    Checksum :- The checksum is the 16-bit one's complement of the one's complement sum of the ICMP message starting with the ICMP Type.

    RFC 792 :- Please refer to RFC 792 for Internet Control Message Protocol (ICMP) Specification.



    TCP-Header

    TCP Flags :- C E U A P R S F
    C 0x80 Congestion Window Reduced (CWR)
    E 0x40 ECN Echo (ECE)
    U 0x20 Urgent
    A 0x10 Ack
    P 0x08 Push
    R 0x04 Reset
    S 0x02 Syn
    F 0x01 Fin
    TCP Options :-
    0 End of Options List
    1 No Operation (NOP, Pad)
    2 Maximum Segment Size
    3 Window Scale
    4 Selective ACK ok
    8 Timestamp

    Checksum :- Checksum of entire TCP segment and pseudo header (parts of IP header)

    Offset :- Number of 32-bit words in TCP header, minimum value of 5. Multiply by 4 to get byte count.

    RFC 793 :- Please refer to RFC 793 for Transmission Control Protocol (TCP) Specification.



    UDP-Header

    Source Port :- An optional field. When meaningful, it indicates the port of the sending process and may be assumed to be the port to which a reply should be addressed in the absence of any other information. If not used, a value of zero is inserted.

    Destination Port :- Destination Port has a meaning within the context of a particular internet destination address.

    Length :- Length is the length in octets of this user datagram including this header and the data. (This means the minimum value of the length is eight.)

    Checksum :- Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets.

    RFC 768 :- Please refer to RFC 768 for User Datagram Protocol (UDP) Specification.
