Ask Your Question
0

What kind of request most likely comes after this package?

asked 2018-11-19 12:18:39 +0000

this post is marked as community wiki

This post is a wiki. Anyone with karma >750 is welcome to improve it.

Frame 1: 62 bytes on wire (496 bits), 62 bytes captured (496 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: May 13, 2004 12:17:07.311224000 CEST
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1084443427.311224000 seconds
    [Time delta from previous captured frame: 0.000000000 seconds]
    [Time delta from previous displayed frame: 0.000000000 seconds]
    [Time since reference or first frame: 0.000000000 seconds]
    Frame Number: 1
    Frame Length: 62 bytes (496 bits)
    Capture Length: 62 bytes (496 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp]
    [Coloring Rule Name: HTTP]
    [Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: Superlan_00:00:00 (00:00:01:00:00:00), Dst: fe:ff:20:00:01:00 (fe:ff:
20:00:01:00)
    Destination: fe:ff:20:00:01:00 (fe:ff:20:00:01:00)
    Source: Superlan_00:00:00 (00:00:01:00:00:00)
    Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 145.254.160.237, Dst: 65.208.228.223
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
    Total Length: 48
    Identification: 0x0f41 (3905)
    Flags: 0x02 (Don't Fragment)
    Fragment offset: 0
    Time to live: 128
    Protocol: TCP (6)
    Header checksum: 0x91eb [validation disabled]
    [Header checksum status: Unverified]
    Source: 145.254.160.237
    Destination: 65.208.228.223
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 3372, Dst Port: 80, Seq: 0, Len: 0
    Source Port: 3372
    Destination Port: 80
    [Stream index: 0]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Acknowledgment number: 0
    0111 .... = Header Length: 28 bytes (7)
    Flags: 0x002 (SYN)
    Window size value: 8760
    [Calculated window size: 8760]
    Checksum: 0xc30c [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    Options: (8 bytes), Maximum segment size, No-Operation (NOP), No-Operation (NOP), SACK
permitted
        TCP Option - Maximum segment size: 1460 bytes
        TCP Option - No-Operation (NOP)
        TCP Option - No-Operation (NOP)
        TCP Option - SACK permitted
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-11-19 12:35:39 +0000

updated 2018-11-19 12:37:35 +0000

This is SYN packet destined to port 80 (most likely HTTP).

So, you're most likely to see:

  1. or SYN,ACK packet (if the port is opened)
  2. or RST packet (if the port is closed).

But these are not "requests", but a part of TCP-conversation (TCP 3-way handshake or service refusal process).

As for "request" if I understand correctly the question (BTW looks like this is some assignment) I'd expect HTTP GET or HTTP POST.

edit flag offensive delete link more

Comments

thanks alot!

kongkaakk gravatar imagekongkaakk ( 2018-11-19 12:39:27 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-11-19 12:18:39 +0000

Seen: 531 times

Last updated: Nov 19 '18