Solved

Meaning of hex data from packet sniffer

Posted on 2004-10-15
5
758 Views
Last Modified: 2012-05-05
Hello all. I wrote a data sniffer in winpcap that gets all the data. now i have all the data and header information. i am able to "decode" the header information into TCP, UDP etc etc. I parsed the information, so now I have ONLY the data part of the whole packet. And the data part is in bits (eg. 1101001110). How can I decipher what the data is?? Is it possible?

PS: The new format of E-E is really confusing with words and ads all over the place. Is this how it's gonna be in the near future as well?
0
Comment
Question by:punk5ta
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Expert Comment

by:Mikal613
ID: 12321592
0
 

Author Comment

by:punk5ta
ID: 12326047
I know about hex / oct / binary data. That was not what I was asking for. I was wondering how to INTERPRET the data that I have which is in binary format. What I want to know is "what does the data in Packet A mean?" for instance.
0
 
LVL 3

Accepted Solution

by:
jenmir earned 100 total points
ID: 12404546
The answer is that there is no answer. The data could be anything. By definition, data can be anything. It could be following a format, a predetermined protocol, or it could be random information collected from an oil well pumping somewhere in a far off kingdom. Who knows?

People who sniff packets usually have a good idea what is going on while they're doing the sniffing. Think of it like this: You hear two people talking in a foreign language, which you don't understand. Later you hear them talking in the same apparent language, but here and there you hear an English word or phrase come up. If there is enough English, you may be able to figure out what is being discussed from the English and the context of the situation. If there isn't really much English and you don't know the context of the conversation, you'll likely to be guessing at the meaning or even misterpreting it entirely.

Run the data through an hex to ascii converter, such as the one found below:

http://www.packetshack.org/Projects/hex2ascii.php

or search on "hex2ascii" and maybe you'll turn up something interesting. Or maybe not.

j.m.
0

Featured Post

Everything You Need to Know about Petya 2.0

Get an overview of the what, when and how of Petya 2.0  from our threat analyst Marc Labilerte, as well as a look at how WatchGuard Total Security Suite protected our customers from the recent attack!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Coaxial cable bending There are several factors that govern the selection of coaxial cable for your Machine to Machine (M2M) application: the location of cable runs, either indoor or outdoor, inside or outside an enclosure, maximum bending and the…
This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question