90 likes | 444 Views
Decoding an IP Header (1). 0x45 = Version 4 , IHL 5. 0x00 = ToS 0 (not set). 4 5 00 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000. IP Version Length: 4 bits Offset: 0 bits. IP Header Length (IHL)
E N D
Decoding an IP Header (1) 0x45 = Version 4, IHL 5 0x00 = ToS 0 (not set) 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 IP Version Length: 4 bits Offset: 0 bits IP Header Length (IHL) Length: 4 bits Offset: 4 bits Type of Service (ToS) Length: 1 byte Offset: 1 byte
Decoding an IP Header (2) 0x3d = TTL 61 0x0034 = Length 52 bytes 0xc9e7 = IPID 51687 4500 0034c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 Total Packet Length Length: 2 bytes Offset: 2 bytes IP Identification (IPID) Length: 2 bytes Offset: 4 bytes Time to Live (TTL) Length: 1 byte Offset: 8 bytes
Decoding an IP Header (3) 0x4000 = 0100 0000 0000 0000Flags 010 (Don’t Fragment set)Fragment Offset = 0’s (not set) 0x06 = Embedded Protocol 6 (TCP) 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 IP Header Flags Length: 3 bits Offset: 6 bytes Fragment Offset Length: 13 bits Offset: 6 bytes + 3 bits Embedded Protocol Length: 1 byte Offset: 9 bytes
Decoding an IP Header (4) 0xd8 0x23 0xd9 0xba = 216 35 217 186 Source Address 0x178c = Checksum 62216 0xac 0x10 0x00 0xb7 = 172 16 0 183 Destination Address 4500 0034 c9e7 4000 3d06 178cd823 d9ba ac10 00b70017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 Checksum Length: 2 bytes Offset: 10 bytes Source Address Length: 4 bytes Offset: 12 bytes Destination Address Length: 4 bytes Offset: 16 bytes
Decoding a TCP Header (1) 0x0017 = Source Port 23 0x12f5 = Dest. Port 4853 0x729a2105 = Sequence number1922703621 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7001712f5729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 Source Port Length: 2 bytes Offset: 0 bytes Destination Port Length: 2 bytes Offset: 2 bytes Sequence Number Length: 4 bytes Offset: 4 bytes
Decoding a TCP Header (2) 0x60 = 0110 0000 Header Len 0110 = 6 0xa7cb = Checksum 42955 0x145cdb4f = ACK number 341629775 0x18 = 0001 1000 Flags = PSH, ACK 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b4 6c73 202d 6c61 0000 ACK Number Length: 4 bytes Offset: 8 bytes Header LengthLength: 4 bits Offset: 12 bytes TCP Flags Length: 1 byte Offset: 13 bytes Checksum Length: 2 bytes Offset: 16
Decoding a TCP Header (3) 0x16d0 = Window size 5840 0x0000 = Urgent Ptr 0 (not set) 0x020405b4 = 0x02 MSS set, 0x04 4 bytes 0x05b4 MSS is 1460 bytes 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 00000204 05b46c73 202d 6c61 0000 TCP Window Size Length: 2 bytes Offset: 14 bytes Urgent Ptr Length: 2 bytes Offset: 18 bytes TCP Options Length: variable Offset: 20 bytes Data Length: variable Offset: variable
Decoding a TCP Header (4) (TCP Header Length - Min. TCP Header Length) = TCP Options Length (6 * 4) - 20 = 4 IP Total Length - (IHL + TCP Header Length) = Payload Length 52 - ((5 * 4) + (6 * 4)) = 8 4500 0034 c9e7 4000 3d06 178c d823 d9ba ac10 00b7 0017 12f5 729a 2105 145c db4f 6018 16d0 a7cb 0000 0204 05b46c73 202d 6c61 0000 TCP Options Length: 4 bytes Offset: 20 bytes 0x020405b4 = 0x02 MSS set, 0x04 4 bytes 0x05b4 MSS is 1460 bytes Payload Length: 8 Offset: 24 bytes