Wednesday, March 9, 2011

Chapter 4 Wireshark

TCP

Source port: 80  It's using this for HTTP
Destination port: 57850
The flag set is ACK (Acknowledgement), which means that packets were received.
Source IP:     74.125.47.17
Destination IP:   192.168.0.198  going through my router
The packet is going to my computer
Time To Live (TTL):   54  which means it can hop through 54 different routing devices before it is dropped by the network
Differentiated Services field:  The actual value is 40.  This field is used as an order-of-precedence tool for routers.  It tells routers how important the packet is.
Protocol field is set to TCP.  It tells what transport layer protocol will receive the datagram.
The IP header length was 20 bytes.
It's using an Ethernet_II frame type.
Source MAC:  e4:5b:8e (00:18:e7:e4:5b:8e)
Destination MAC:  00:03:25:48:0d:6a    This is the address for my wired connection.  This frame is going to my computer.



UDP
Source Port:  60307
Destination Port:  3544
Flag:  0x00  No flag is set
Source IP:  192.168.0.198
Destination IP:  224.0.0.253
TTL:  1  Guess this one didn't live too long!!
Source MAC:  00:03:25:48:0d:6a
Destination MAC:  01:00:5e:00:00:fd
The Time to Live was only one!






ARP
Destination MAC address:  00:18:e7:e4:5b:8e  It is the requested information of the ARP.  The source address requested the physical address of the destination IP.
Source MAC:  00:03:25:48:0d:6a
Destination IP:  192.168.0.1  That's my router.
Source IP:  192.168.0.198  My computer

It's nice to actually see with my own eyes what an ARP request looks like.  The source location (my computer) is sending a MAC address request to the destination (my router, where an ARP table exists with a cross reference of IPs and MAC addresses).


Wireshark is a great program to visualize networking protocols.  You get to actually see the data headers for each type of protocol and see how each protocol is used.  You also get to see how they all work together.  Wireshark can help you diagnose problems with your network, find the source of a security issue, or just monitor the traffic on your network.
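
The header fields read off in the TCP section above can also be decoded straight from raw frame bytes. The Python below is an added example, not part of the original post: `build_sample_frame` and `parse_frame` are hypothetical helpers, the frame is constructed from the post's values (sequence numbers, window and checksums are made up), and the Differentiated Services value 40 is assumed to be hexadecimal.

```python
import socket
import struct
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0..7

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_sample_frame():
    """Constructed frame (not a capture) using the TCP section's values."""
    # Ethernet II: destination MAC, source MAC, EtherType 0x0800 (IPv4)
    eth = bytes.fromhex("000325480d6a" "0018e7e45b8e") + struct.pack("!H", 0x0800)
    # IPv4: 20-byte header, DS 0x40 (assumed hex), TTL 54, protocol 6 (TCP)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0x40, 40, 0, 0, 54, 6, 0,
                     socket.inet_aton("74.125.47.17"),
                     socket.inet_aton("192.168.0.198"))
    # TCP: ports 80 -> 57850, flags 0x10 (ACK); seq/ack/window are constructed
    tcp = struct.pack("!HHIIBBHHH", 80, 57850, 1, 1, 5 << 4, 0x10, 65535, 0, 0)
    return eth + ip + tcp

def parse_frame(frame):
    """Decode Ethernet II, IPv4 and TCP/UDP header fields from raw bytes."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": mac(dst), "src_mac": mac(src), "ethertype": ethertype}
    if ethertype != 0x0800:          # e.g. 0x0806 is ARP; not decoded here
        return out
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, ds, _len, _id, _frag, ttl, proto, _sum, sip, dip = struct.unpack(
        "!BBHHHBBH4s4s", ip[:20])
    ihl = (vihl & 0x0F) * 4          # header length is counted in 32-bit words
    if vihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("malformed IPv4 header")
    out.update(ip_header_len=ihl, dsfield=ds, ttl=ttl, protocol=proto,
               src_ip=socket.inet_ntoa(sip), dst_ip=socket.inet_ntoa(dip))
    l4 = ip[ihl:]
    if proto == 6 and len(l4) >= 14:     # TCP: ports, seq, ack, offset, flags
        sport, dport, _seq, _ack, _off, flags = struct.unpack("!HHIIBB", l4[:14])
        out.update(src_port=sport, dst_port=dport,
                   tcp_flags=[n for i, n in enumerate(TCP_FLAGS) if flags & (1 << i)])
    elif proto == 17 and len(l4) >= 8:   # UDP: ports only, no flags field
        sport, dport = struct.unpack("!HH", l4[:4])
        out.update(src_port=sport, dst_port=dport)
    return out

if __name__ == "__main__":
    print(parse_frame(build_sample_frame()))
```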
