network message

[peac3]

Hi guys,

Can anyone explain to me what this network message below means and how to generate these messages

1 14:52:49.463851 arp who-has 192.168.0.107 tell 192.168.0.108  
2 14:52:49.463851 arp reply 192.168.0.107 is-at 0:a0:c9:65:14:80  
3 14:52:49.463851 192.168.0.108.1045 > 192.168.0.107.53: 7+ A? uk.com.au. (32)  
4 14:52:49.463851 192.168.0.107.53 > 192.168.0.108.1045: 7* 1/1/1 A 192.168.0.107 (88)  
5 14:52:49.543851 192.168.0.108.1046 > 192.168.0.107.80: S 7861110:7861110(0) win 8192 <mss 1460> (DF)  
6 14:52:49.543851 192.168.0.107.80 > 192.168.0.108.1046: S 3595122238:3595122238(0) ack 7861111 win 32736 <mss 1460>  
7 14:52:49.543851 192.168.0.108.1046 > 192.168.0.107.80: . ack 3595122239 win 8760 (DF)  
8 14:52:49.653851 192.168.0.108.1046 > 192.168.0.107.80: P 7861111:7861361(250) ack 3595122239 win 8760 (DF)  
9 14:52:49.663851 192.168.0.107.80 > 192.168.0.108.1046: . 3595122239:3595123699(1460) ack 7861361 win 32736 (DF)

Thanks in advance guys.

 

[PHV]

man tcpdump

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886

 

[peac3]

Hi PHV,

Thanks for the command,
could you explain little bit about those messages? like simbol "7+ A?", last sentence "(32)" in general description.

I'm new using tcpdump and windump, that'll be great if u could help me.

Thanks in advance mate,

 

[Annihilannic]

There is a section of man tcpdump which describes the output format for "TCP Packets". It says there "N.B.:The following description assumes familiarity with the TCP protocol described in RFC-793. If you are not familiar with the protocol, neither this description nor tcpdump will be of much use to you.", which is true.

If you add some -v options it will give you more detail about the contents of the packet, which may make more (or less!) sense to you.

Annihilannic.