Hello, I would like to know when your looking at a packet if it's the very first packet. I know how to do this when its TCP but when I am looking at other protocols how do I find this info? Thanks, asked 02 Sep '15, 05:21  rock90 |
One Answer:
Identifying the first packet in a session oriented protocol (like TCP) is easy, as there is a defined session start (like TCP SYN) and a defined session end (like TCP FIN/RESET). However for session-less protocols (like UDP) there is no common definition of a first packet. All you can say, that it's the first/last packet within a certain time window. So, to find the first packet of "other protocols", you'll have to define the time window you're interested in and then simply find the frist protocol frame in that time period. Regards answered 07 Sep '15, 16:49  Kurt Knochner ♦ |
"First packet" in what sense? First packet of some protocol exchange?