分析TCP标头 [英] Analysing TCP header

查看:102
本文介绍了分析TCP标头的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

问题:

以下是十六进制格式的TCP标头转储。



05320017 00000001 00000000 500207FF 00000000




a。什么是源端口号?

b。什么是目的地端口号?

c。什么是序列号?

d。确认号是什么?

e。标题的长度是多少?

f。细分市场的类型是什么?

g。窗口大小是多少?

Question:
The following is a dump of a TCP header in hexadecimal format.

05320017 00000001 00000000 500207FF 00000000


a. What is the source port number?
b. What is the destination port number?
c. What is the sequence number?
d. What is the acknowledgment number?
e. What is the length of header?
f. What is the type of segment?
g. What is the window size?

推荐答案

您需要的所有信息都是通过Google找到的。 此处 [ ^ ]只是一个显示各个字段的文档。
All the information you need is found via Google. Here[^] is just one document showing the various fields.


TCP标题本身有10个字段,如下所示和大小可能在20到60字节之间变化



1.Source端口 - 2个字节

2.destination端口 - 2个字节

3.SEQ NUM-4字节

4.ACK NUM- 4字节

5.HLEN-1字

6。保留6位

7.CONTROL-6bits

8.WINDOW SIZE-2字节

9.CHECKSUM-2字节

10.URENT POINTERS-2bytes



这里来自书Forouzan的示例问题



TCP header( (十六进制)= 05320017 00000001 000000000 500207FF 00000000

由于每个十六进制= 4位,我们需要先将上面的十六进制拆分为

05 32 00 17 00 00 00 01 00 00 00 00 50 02 07 FF 00 00 00 00



来源p ort是2个字节需要05 32 = 1330

接下来2个字节作为目标地址00 17 == 23(默认TCP端口)

接下来4个字节作为序列号00 00 00 01 == 1

接下来的4个字节为ack 00 00 00 00 == 0

接下来的4位为HLEN 5 == 5 - 这表示4个组的数量使得标题长度为20bytes的字节..

接下来的6位被保留ie0 = 0000和来自hex 0的2位

接下来的6位是控制位=剩余的2位从十六进制0和4位2

接下来的2个字节表示窗口长度07 FF == 2047字节

校验和2字节00 00 = 0

紧急指针2字节00 00 = 0
TCP header itself is of 10 feilds as below and size may vary between 20 to 60bytes

1.Source port - 2 bytes
2.destination port - 2 bytes
3.SEQ NUM-4 bytes
4.ACK NUM- 4 bytes
5.HLEN-1 word
6.RESERVED-6bits
7.CONTROL-6bits
8.WINDOW SIZE-2 bytes
9.CHECKSUM-2 bytes
10.URGENT POINTERS-2bytes

here's example problem from book Forouzan

TCP header( in hex)=05320017 00000001 000000000 500207FF 00000000
since each hex = 4 bits , we need to first split the above hex as such
05 32 00 17 00 00 00 01 00 00 00 00 50 02 07 FF 00 00 00 00

source port is 2 bytes take 05 32 = 1330
next 2 bytes as destination address 00 17 == 23 (default TCP port)
next 4 bytes as sequence number 00 00 00 01 ==1
next 4 bytes as ack 00 00 00 00 == 0
next 4 bits as HLEN 5 ==5 -- this indicates number of sets of 4 bytes which makes the header lenght = 20bytes..
next 6 bits are reserved i.e.0 =0000and 2 bits from hex 0
next 6 bits are control bits = remaining 2 bits from hex 0 and 4 bits of 2
next 2 bytes indicate the window length 07 FF == 2047 bytes
Checksum 2 bytes 00 00 = 0
Urgent pointer 2bytes 00 00 =0


这里 [ ^ ]是TCP段头的结构。自己解读
Here[^] is the structure of the TCP segment header. Decipher it yourself


这篇关于分析TCP标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆