# Question: This is an anomalous packet. How do I analyze the following normal 20-byte IP Header?

How do I translate each octet of the source and destination addresses using the calc.exe programmer mode?

1. IP Version =
2. Internet Header Length =
3. TOS =
4. Total Length =
5. IP ID:
6. X (one bit 0/1) =
7. D (one bit 0/1) =
8. M (one bit 0/1) =
9. Offset =
10. TTL =
11. Protocol =
12. Checksum (in hex or decimal) =
13. Source Address =
14. Destination Address =

How do I analyze this TCP header? Do not calculate the sequence or acknowledgment numbers (as they are large, 32-bit integers with little value) or checksum (a 16-bit hex value with little meaning unless you are a replicant).

c62800163d36b20c05087f6e7002ffff7bb70000

1. Source Port =
2. Destination Port =
3. Sequence Number (in hex or decimal) =
4. Acknowledgment number (in hex or decimal) =
5. Header Length =
6. R =
7. Flags =
8. TCP Window Size (in hex or decimal) =
9. TCP Header and Segment Checksum (in hex or decimal) =
10. Urgent Pointer Value =
11. TCP Options (In hex):

These two more packets are shown in a more traditional tcpdump output. Ignore the 0x's, as they just tell you it is the raw hex. The right is an attempt at ASCII translation, which is also of little value here.

0x45 0x00 0x00 0x30 0x43 0x91 0x00 0x00 0x71 0x06

0xcd 0x30 0xd5 0x96 0x5b 0xa6 0xc0 0xa8 0x01 0x01

0x91 0x34 0x17 0x0c 0x37 0xca 0xbd 0x60 0x79 0xfe

0xf3 0xfc 0x70 0x02 0xff 0xff 0x3e 0xb2 0x00 0x00

0x02 0x04 0x05 0xb4 0x01 0x01 0x04 0x02

1. IP Version =
2. Internet Header Length =
3. TOS =
4. Total Length =
5. IP ID (hex value):
6. X (one bit 0/1) =
7. D (one bit 0/1) =
8. M (one bit 0/1) =
9. Offset =
10. TTL =
11. Upper layer protocol =
12. Checksum (in hex) =
13. Source address (in dotted decimal format) =
14. Destination Address (in dotted decimal format) =
15. Source Port =
16. Destination Port =
17. Sequence Number (in hex) =
18. Acknowledgment number (in hex) =
19. Header Length =
20. R =
21. Flags =
22. TCP Window Size (in hex or decimal) =
23. TCP Header and Segment Checksum (in hex or decimal) =
24. Urgent Pointer Value =
25. TCP Options (in hex):
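
The field-by-field decoding asked for above can be cross-checked with a short script. This is an added example, not part of the original question; the function names `parse_ipv4` and `parse_tcp` are hypothetical, and it assumes the current TCP layout (4-bit data offset, 4 reserved bits, 8 flag bits).

```python
import struct
from ipaddress import IPv4Address

# Bytes copied from the tcpdump-style dump in the question (0x prefixes dropped).
PACKET = bytes.fromhex(
    "45000030439100007106cd30d5965ba6c0a80101"
    "9134170c37cabd6079fef3fc7002ffff3eb20000"
    "020405b401010402"
)
# The stand-alone 20-byte TCP header from the question.
TCP_ONLY = bytes.fromhex("c62800163d36b20c05087f6e7002ffff7bb70000")

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]

def parse_ipv4(buf):
    """Decode the fixed 20-byte IPv4 header; return (fields, payload)."""
    vihl, tos, total, ident, frag, ttl, proto, csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", buf[:20])
    ihl = (vihl & 0x0F) * 4                      # IHL counts 32-bit words
    fields = {
        "version": vihl >> 4, "ihl_bytes": ihl, "tos": tos,
        "total_length": total, "id": hex(ident),
        "X": frag >> 15, "D": (frag >> 14) & 1, "M": (frag >> 13) & 1,
        "offset": frag & 0x1FFF, "ttl": ttl, "protocol": proto,
        "checksum": hex(csum),
        "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
    }
    return fields, buf[ihl:total]

def parse_tcp(buf):
    """Decode a TCP header; options are whatever the captured bytes include."""
    sport, dport, seq, ack, off_flags, win, csum, urg = struct.unpack(
        "!HHIIHHHH", buf[:20])
    hlen = (off_flags >> 12) * 4                 # data offset counts 32-bit words
    bits = off_flags & 0xFF                      # low 8 bits are the flags
    return {
        "sport": sport, "dport": dport, "seq": hex(seq), "ack": hex(ack),
        "header_bytes": hlen, "reserved": (off_flags >> 8) & 0x0F,
        "flags": [n for i, n in enumerate(FLAG_NAMES) if bits >> i & 1],
        "window": win, "checksum": hex(csum), "urgent": urg,
        "options": buf[20:hlen].hex(),           # empty if capture stops at byte 20
    }

if __name__ == "__main__":
    ip, payload = parse_ipv4(PACKET)
    for name, hdr in (("IP", ip), ("TCP", parse_tcp(payload)),
                      ("TCP (header only)", parse_tcp(TCP_ONLY))):
        print(name, hdr)
```

The stand-alone TCP header declares a 28-byte header but only 20 bytes are given, so its options field comes back empty rather than raising an error.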

