Vindra's profile - activity

2019-09-30 14:24:32 +0000 received badge  Notable Question (source)
2019-01-14 23:30:05 +0000 received badge  Popular Question (source)
2018-10-26 17:42:40 +0000 received badge  Popular Question (source)
2018-03-16 07:49:02 +0000 commented answer Does ICMP packet contain TCP header

Great explanation. Thanks

2018-03-16 07:48:47 +0000 marked best answer Does ICMP packet contain TCP header

I refer to the above question (number 140 of the Kindle book (prep guide for the WCNA exam)). The answer sheet in the same book says it does not contain a TCP header. But I see in my packet capture that some ICMP reply packets do contain a TCP header. Can someone please explain?

THANKS

2018-03-16 06:26:29 +0000 asked a question Does ICMP packet contain TCP header

Does ICMP packet contain TCP header I refer to the above question ( number 140 of kindle book (prep guide for WCNA exam)

2018-03-06 07:38:29 +0000 edited question More than 2 full TCP packets without ACK and large MTU

More than 2 full TCP packets without ACK and large MTU Hi, Please refer to the attached pcapng file. It's an excerpt o

2018-03-06 06:05:23 +0000 commented question More than 2 full TCP packets without ACK and large MTU

THANKS Jim, I just now reduced the file size following your advice

2018-03-06 06:03:55 +0000 edited question More than 2 full TCP packets without ACK and large MTU

More than 2 full TCP packets without ACK and large MTU Hi, Please refer to the attached pcapng file. It's an excerpt o

2018-03-06 04:51:39 +0000 asked a question More than 2 full TCP packets without ACK and large MTU

More than 2 full TCP packets without ACK and large MTU Hi, Please refer to the attached pcapng file. It's 1 GB file.

2018-03-06 04:36:36 +0000 commented answer Filtering out normal traffic

Thanks Jaap for the reply. I was wondering if there is already some script or program which studies traffic from/to a de

2018-03-05 12:43:20 +0000 asked a question Filtering out normal traffic

Filtering out normal traffic Hi, Is there any simple way to filter out normal traffic? In my case when I watch sports

2018-02-17 11:14:36 +0000 commented answer Resolution of Network address

Hi Anders, I have checked my /etc/hosts file. But there is no such entry. Thanks

2018-02-17 11:11:53 +0000 asked a question Seeking explanation on bytes count in 'Protocol hierarchy'

Seeking explanation on bytes count in 'Protocol hierarchy' Please refer to the pcap file. I am seeking explanation on "

2018-02-15 05:40:50 +0000 marked best answer Ack # of packet after retransmission

The recipient does not receive the packet with the expected sequence number (S1), so it sends 3 Dup ACK packets. But while the recipient was sending the Dup Ack packets, the sender has sent 2 packets with S2 and S3 sequence numbers and data length L each.

The sender sends a Fast Retransmission packet with S1 sequence. What should be the Ack # in the immediate next packet from the recipient? Should it be (S3 + L)?

Thanks very much in advance

2018-02-15 05:17:58 +0000 marked best answer Why did Sequence number reduce

I am new to packet analysis and Wireshark. I need help in understanding. I would appreciate it if someone could please enlighten me on what is happening in the captured file.

Q. Please refer to packet 64 and 101. They belong to the same TCP stream. Why does Seq # in packet #101 reduce by 1 from packet # 64?

2018-02-15 05:17:17 +0000 marked best answer Not understanding "Window scaling" graph

Please refer to the attached pcap file.

The window scaling from 205.234.218.129:80 -> 172.16.0.122:41834 shows that most of the time the recv window size is 60K. But the packet info tells a different fact. For example, refer to packet #99. The "Packet info" shows the window size is 14306. But the green line depicting Recv Win stays above 50000 (Byte). Why so?

THANKS

2018-02-15 05:16:37 +0000 marked best answer Sorting packets based on conversation

Hi, I find it easier to have packets sorted based on conversation -- for analysis. Doing it manually with more than 30 conversations is difficult. Is there any way in Wireshark to do it in easier means?

Thanks

2018-02-15 05:15:48 +0000 asked a question Resolution of Network address

Resolution of Network address I have a captured file. When I enable "Resolve Network Addresses" I can see the names in t

2018-02-15 04:44:15 +0000 marked best answer Where are IP headers in Monitor mode capture?

Hi, I set my lone network interface of Mac_air to Promiscuous and Monitor mode at the same time. I could surf the Internet while the network was in the above mode. But the traffic captures show most packets had the following header hierarchy: Data -> IEEE 802.11 -> 802.11 radio info -> Radiotap header -> Frame.

Where have the IP and TCP headers gone?

Regards

2018-02-15 04:44:15 +0000 received badge  Scholar (source)
2018-02-12 11:13:00 +0000 asked a question Where are IP headers in Monitor mode capture?

Where are IP headers in Monitor mode capture? Hi, I set my lone network interface of Mac_air to Promiscuous and Monitor

2018-02-04 20:31:34 +0000 commented answer Sorting packets based on conversation

Great help to me. THANKS

2018-02-04 05:14:20 +0000 asked a question Sorting packets based on conversation

Sorting packets based on conversation Hi, I find it easier to have packets sorted based on conversation -- for analysi

2018-02-04 05:11:10 +0000 commented answer Ack # of packet after retransmission

Thanks very much for the explanation

2018-02-02 10:45:05 +0000 commented answer Not understanding "Window scaling" graph

Hi Christian, Thanks for the elaborate answer. I have two follow-up comments/questions: 1) When you say, "..client, t

2018-02-01 06:21:14 +0000 asked a question Not understanding "Window scaling" graph

Not understanding "Window scaling" graph Please refer to the attached pcap file--https://drive.google.com/open?id=14Dag_

2018-02-01 02:54:41 +0000 answered a question Why did Sequence number reduce

Thanks very much

2018-01-24 16:46:49 +0000 asked a question Why did Sequence number reduce

Why did Sequence number reduce I am new to packet analysis and Wireshark. I need help in understanding. I will appreciat

2018-01-23 10:43:39 +0000 asked a question Ack # of packet after retransmission

Ack # of packet after retransmission The recipient does not receive the packet with the expected sequence number (S1), s

2018-01-20 20:44:34 +0000 received badge  Editor (source)
2018-01-20 20:44:34 +0000 edited answer How do I change the interface on Tshark?

I take it that you are using Tshark even though you have mentioned, "I need to select the wifi when Wireshark starts..".

2018-01-20 20:35:25 +0000 received badge  Rapid Responder (source)
2018-01-20 20:35:25 +0000 answered a question How do I change the interface on Tshark?

I take it that you are using Tshark even though you have mentioned, "I need to select the wifi when Wireshark starts..".