Solved

TCP Dscp class of the packet

Posted on 2012-03-31
7
1,001 Views
Last Modified: 2012-03-31
What is the dscp class of this packet or tos number ?


0021 563e 9cc3 748e f82a 3500 0800 4500  .!V>..t..*5...E.
0030 9722 4000 7506 76d0 464c 2b4b 257b  .0."@.u.v.FL+K%{
60c3 280a 0050 ffc8 696a 97fc 455b 7002  `.(..P..ij..E[p.
2000 fc64 0000 0204 05b4 0101 0402        ..d..........

Open in new window

0
Comment
Question by:3XLcom
  • 4
  • 3
7 Comments
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 37791821
Let's see:

Packet Info:
    Packet Number:                      000001
    Packet Length:                      67
    Captured Length:                    63
    Delta Time                          0.100000 Second
Ethernet Type II                        [0/14]
    Destination Address:                00:21:56:3E:9C:C3  [0/6]
    Source Address:                     74:8E:F8:2A:35:00  [6/6]
    Protocol:                           0x0800  (Internet IP(IPv4))  [12/2]
IP - Internet Protocol                  [14/20]
    Version                             4  [14/1]  0x00F0
    Header Length                       5  (20 Bytes)  [14/1]  0x000F
    Differentiated Services Field       0000 0000  [15/1]  0x00FF
        Differentiated Services Codepoint0000 00..  [15/1]  0x00FC
        Transport Protocol will ignore the CE bit.... ..0.  (Ignore)  [15/1]  0x0002
        Congestion                      .... ...0  (No Congestion)  [15/1]  0x0001
    Total Length                        48  (48 Bytes)  [16/2]
    Identification                      0x9722  (38690)  [18/2]
    Fragment Flags                      010. ....  (Don't Fragment)  [20/1]  0x00E0
        Reserved                        0... ....  [20/1]  0x0080
        Fragment                        .1.. ....  (Don't Fragment)  [20/1]  0x0040
        More Fragment                   ..0. ....  (Last Fragment)  [20/1]  0x0020
    Fragment Offset                     0  [20/2]  0x1FFF
    Time To Live                        117  [22/1]
    Protocol                            6  (TCP)  [23/1]
    Checksum                            0x76D0  (Correct)  [24/2]
    Source IP                           70.76.43.75  [26/4]
    Destination IP                      37.123.96.195  [30/4]
TCP - Transport Control Protocol        [34/28]
    Source Port:                        10250  [34/2]
    Destination Port:                   80  [36/2]
    Sequence Number:                    4291324266  [38/4]
    Ack Number:                         2549892443  [42/4]
    TCP Offset:                         7  (28 Bytes)  [46/1]  0x00F0
    Flags:                              ..00 0010  [47/1]  0x003F
        Urgent pointer:                 ..0. ....  [47/1]  0x0020
        Acknowledgment number:          ...0 ....  [47/1]  0x0010
        Push Function:                  .... 0...  [47/1]  0x0008
        Reset the connection:           .... .0..  [47/1]  0x0004
        Synchronize sequence:           .... ..1.  [47/1]  0x0002
        End of data:                    .... ...0  [47/1]  0x0001
    Window:                             8192  [48/2]
    Checksum:                           0xFC64  (Correct)  [50/2]
    Urgent point:                       0  [52/2]
    TCP Option - 1                      [54/4]
        Code:                           2  [54/1]
        Length:                         4  [55/1]
        Maximum Segment Length:         1460  [56/2]
    TCP Option - 2                      [58/1]
        Code:                           1  [58/1]
    TCP Option - 3                      [59/1]
        Code:                           1  [59/1]
    TCP Option - 4                      [60/2]
        Code:                           4  [60/1]
        Length:                         2  [61/1]
Extra Data:                             [62/1]
    Number of Bytes:                    1 bytes  [62/1]
FCS:
    FCS:                                0x2FA24C7A

Open in new window


So as you can see the dscp is 0
0
 

Author Comment

by:3XLcom
ID: 37791943
How did you convert this packet to this :) i really want to know.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37791947
Colasoft packet builder: http://www.colasoft.com/packet_builder/
Have fun ;)
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:3XLcom
ID: 37791950
And i want to know if there is a way to block this type of packets on the router.
0
 

Author Closing Comment

by:3XLcom
ID: 37791959
Thank you millions of time
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 37791963
Is this related to your other question by any chance? The one with the TTL?
0
 

Author Comment

by:3XLcom
ID: 37791987
:( unfortunately my router does not has a ttl block support and / also my juniper is not have a capability to got 500k+ packets
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now