Basic Sniffing

[hack12]

Can someone provide a brief tutorial on sniffing. Like how to determine if there is packet loss etc. How are the acknowledgements, sequence #'s etc related. The data + the sequence I think is equal to the next acknowledgment? Is that right? Alos, how would you tell what the total size of the data is that is being transferred. This is all in relation to Ds-Pro. Thanks

 

[rwullems]

Hi,

Check the following link. It is not short, but can provide you with a lot of information.

http://www.robertgraham.com/pubs/

About TCP, this is a simple formula SEQ+LEN=ACK. Try this with s simple TCP session like telnet, gives you a good view about how TCP Sequense numbering is working.
regards,
robert (not Graham)

 

[Sniff4Food]

You might also want to check out

http://www.packet-level.com/library.htm.

It is Laura Chappell's web site and she has some wonderful articles on sniffing. Many of them are Sniffer specific, and contain screen shots.

Of course, the best place to go is

http://www.snifferu.com

and sign up for a Sniffer University class

Betty

Life is better in Bettyland!

 

[phaelon56]

If you have not already read through the verous topics int he extensive Help section of DS Pro, I suggest that you do so. Unlike the oxymoronic Microsoft Windows Help, Sniffer has a very through help menu that provides a welath of detail on how the product works and includes some detail that is very fundamental in regards to packet capture and decode (in a general sense - not just stuff that is unique to their product).

Owen O'Neill
Datacom Systems Inc.
Northeastern SE

http://www.datacomsystems.com

 

[fortunat]

I've also tried to put some Sniffer info on my site

http://www.thetechfirm.com

Cheers,

'Making things work better; bit by bit.'