Datagram & Packet Analysis

Because the diagrams in the notes are too small (making me even more short-sighted)… I'm pasting slightly clearer diagrams here.

Last update : 22 Feb (1.25AM)

 

IP Datagram (20 bytes).

 

 

Flags:

| Reserve | Reserve | Urgent | Ack | Push | Reset | Syn | Fin |
|---|---|---|---|---|---|---|---|
| | | U | A | P | R | S | F |

Unta Aku Pijak Rumput Sampai Fitam?!? (Malay mnemonic for U A P R S F; roughly "My camel tramples the grass until it turns black")

8 bits (1 byte).

Example:

  • 0000 0001 = FIN packet. The flag indicates Finish, normally to terminate 3-way handshakes.
  • 0001 0000 = Acknowledge (ACK) packet
  • 0000 0010 = SYN packet
  • 1100 0000 or 1000 0000 or 0100 0000 = ERROR. The 2 leftmost bits cannot be used.

 

TCP Datagram (20 bytes)

 

ICMP datagram (4 bytes)

 

UDP Datagram (8 bytes)


 

Packet Analysis.

 

 

 

Protocol embedded with this IP header = TCP (06)

Service currently running between both systems = Telnet (0x17 = 23)

Source Address: 207.174.200.194

Destination Address: 204.187.140.181

Source Port Address: 10 311

Destination Port Address: 17

Which IP address is the server IP address? = 204.198.140.181; because the receiver port number is within 1-1024, which is the well-known port range, the receiver IP address is the server IP address.

Content of this message (use ASCII table to translate; start after bytes #40 or chunk #20)

 

| Chunk Number | Contains |
|---|---|
| 5 | Protocol (6 for TCP, 11 for UDP, 1 for ICMP) |
| 7-8 | Sender IP Address |
| 9-10 | Receiver IP Address |
| 11 | Sender Port # |
| 12 | Receiver Port # |
| 13 | Sequence Number |
| 14 | Ack Number |
| 17 | Flag (Unta Aku Pijak Rumput Sampai Fingsan): xxUAPRSF |

 

 

 

Note:

In hexadecimal output (WinDump or tcpdump), 1 chunk = 2 bytes (FF = 1 byte, FFFF = 2 bytes)

To see which protocol this IP datagram carries, look at the 5th chunk, which is the 10th byte.

The maximum IP datagram size (with options, data, etc.) is 65536 bytes
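The chunk table and notes above, carried out as code: an added example (not from the original post) that decodes a tcpdump-style hex dump into protocol, addresses, ports, flags and payload. The sample dump, its 192.0.2.10 and 198.51.100.23 addresses and the `parse_dump` name are constructed for illustration; the code reads the header-length fields rather than assuming the payload starts after byte 40, so it goes beyond the page's no-options case.

```python
import socket
import struct

# Constructed sample (not the capture analysed on the page): an IPv4/TCP packet
# as tcpdump -x prints it, in 2-byte chunks. Checksums are zeroed placeholders.
SAMPLE_DUMP = """
4500 002c 1c46 4000 4006 0000 c000 020a
c633 6417 2847 0017 0000 0064 0000 00c8
5018 2000 0000 0000 6c73 0d0a
"""
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 (right) to bit 5


def parse_dump(dump):
    """Decode the fields from the chunk table; hypothetical helper name."""
    raw = bytes.fromhex("".join(dump.split()))
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    ihl = (raw[0] & 0x0F) * 4              # 20 bytes only when there are no IP options
    total_len = struct.unpack("!H", raw[2:4])[0]
    info = {
        "protocol": raw[9],                            # chunk 5, byte 10
        "src_ip": socket.inet_ntoa(raw[12:16]),        # chunks 7-8
        "dst_ip": socket.inet_ntoa(raw[16:20]),        # chunks 9-10
    }
    tcp = raw[ihl:total_len]
    if info["protocol"] != 6 or len(tcp) < 20:
        return info                                    # only TCP is decoded further
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    flag_byte = off_flags & 0xFF                       # low byte of chunk 17: xxUAPRSF
    data_off = (off_flags >> 12) * 4                   # TCP header length in bytes
    info.update(
        src_port=sport, dst_port=dport, seq=seq, ack=ack,
        flags=[n for i, n in enumerate(FLAG_NAMES) if flag_byte >> i & 1],
        # The page treats the two leftmost bits as unusable; RFC 3168 later
        # assigned them to ECN (CWR, ECE), so modern captures can set them.
        reserved_bits_set=bool(flag_byte & 0xC0),
        payload=tcp[data_off:].decode("ascii", errors="replace"),
    )
    # Page's rule: the side using a port in 1-1024 is the server.
    info["server_ip"] = (info["dst_ip"] if 1 <= dport <= 1024 < sport else
                         info["src_ip"] if 1 <= sport <= 1024 < dport else None)
    return info


if __name__ == "__main__":
    for key, value in parse_dump(SAMPLE_DUMP).items():
        print(f"{key:18} {value!r}")
```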

 

 

    • wawa-chan
    • February 21st, 2010

    Wow, nice, no need to look at the tiny ones… my eyes were about to pop out

    • berok
    • February 21st, 2010

    Staring at the monitor for so long, my eyes just got burned😆

    • kuikuikui
    • February 21st, 2010

    Thank you!!!

    • expertester
    • February 21st, 2010

    http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol

    Do they ask about the ICMP codes… but I can't memorize that table just by looking at it.. huhu
