> So, there has to be a way for information to travel back to the
> originating host. Where is that info and how does one get
> it? That's the question to be answered. My GUESS, and that's
> why I am asking you all, is that it's contained somewhere
> in the packets.
>
> -Nathan
Nathan -
It is indeed contained in the packets, and Ethereal
provides a great way to take a look at this.
Here are the Hex bytes representing an IP packet
as it travels on ethernet. (Your milage will vary as
it travels on other media) This is cut from the
display in the third pane of Ethereal.
Compare to Valid Hello from 10.1.1.2
01 00 5e 00 00 05 00 c0 95 f8 2d d6 08 00 45 00 ..^....À .ø-Ö..E.
00 44 df 63 00 00 01 59 ee f5 0a 01 01 02 e0 00 .Dßc...Y îõ....à.
00 05 02 01 00 30 0a 01 01 02 00 00 00 02 ce ca .....0.. ......ÎÊ
00 00 00 00 00 00 00 00 00 00 ff ff 00 00 00 0a ........ ..ÿÿ....
02 c6 00 00 00 28 0a 01 01 01 0a 01 01 02 0a 01 .Æ...(.. ........
01 01
The source IP address is 10.1.1.2, found on the
second line as 0x0a 0x01 0x01 0x02.
0a 01 01 02
The second pane in Ethereal is very helpful in
isolating and identifying the meaning of each
byte in the dump above.
- jeff parker
- axiowave networks