Intrusion Analyst Packet Header Chart

IP and ICMP

Copyright © Guy Bruneau, 2000-2001. All rights reserved.
 
 

4

5

00

003c

4-bit version

4-bit header length

8-bit type of service (TOS)

16-bit total length (in bytes)

a624

4000 (DF) or 2000 (MF)

16-bit identification

3-bit flags

13-bit fragment offset

20

01

373f

8-bit time to live (TTL)

8-bit protocol

16-bit header checksum

c0a8 1e0c

32-bit source IP address

c0a8 1e01

32-bit destination IP address

Options (if any)

08

00

395c

8-bit message type

8-bit message code type

16-bit checksum

0100 1300

Start of Data (if any)


 

TCPDump trace (20 bites IP header [without options] + 8 bites ICMP header)


21:07:15.456145 Rover > Seeker: icmp: echo request

4500 003c a624 0000 2001 373f c0a8 1e0c  E..<.$.. .7?....

c0a8 1e010800 395c 0100 1300 6162 6364      ......9\....abcd

6566 6768 696a 6b6c 6d6e 6f70 7172 7374        efghijklmnopqrst

7576 7761 6263 6465 6667 6869                              uvwabcdefghi
 
 
 
 
 

Protocol Type

Description

0

Echo reply

3

Network unreachable

4

Source quench

5

Redirect

8

Echo request

9

Router advertisement

10

Router solicitation

11

Time exceeded

12

Parameter problems

13

Timestamp request

14

Timestamp reply

15

Information request (obsolete)

16

Information reply (obsolete)

17

Address mask request

18

Address mask reply


Non-Active Sitemap

Copyright © 2000-2014 Whitehats.ca
Contact Information 519.221.9132 : Web Contact webmaster@whitehats.ca