Ethereal-users: Re: ***SPAM*** [Ethereal-users] Help reading captured packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Alexandros Papadopoulos <apapadop@xxxxxxxxxxxxxx>
Date: Mon, 14 Feb 2005 12:12:10 +0200
On Saturday 12 February 2005 22:58, Stefrae15@xxxxxxx wrote:
> I'm doing a lab in my class using Ethereal. We are to find out what
> operating system is being used by the client. Where would we find
> this information in captured packets?

So, the question is how does one do *your* homework?

Generally speaking, you look for OS-specific protocol headers or
identification data in the payload of captured packets. Capture an HTTP
stream and look in the first packets after connection establishment
(also referred to as the three-way handshake) and you'll find out a lot
both about the server and the client.

-A
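
The approach described in the reply above, as an added example that is not part of the original message: it reads the header block of the first HTTP request and response payloads and looks for platform strings in `User-Agent` and `Server`. The payloads are constructed samples, the function names and token table are assumptions made for illustration, and since both headers are set by the sender the result is a hint, not proof.

```python
import re
from typing import Optional

# Constructed sample payloads: the first data segments of an HTTP exchange,
# i.e. what follows the TCP three-way handshake in a capture.
REQUEST = (b"GET /index.html HTTP/1.1\r\n"
           b"Host: www.example.com\r\n"
           b"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) "
           b"Gecko/20041107 Firefox/1.0\r\n"
           b"Accept: */*\r\n\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Server: Apache/1.3.33 (Unix)\r\n"
            b"Content-Length: 5\r\n\r\nhello")

# Platform tokens commonly seen in User-Agent comments (not exhaustive).
OS_TOKENS = [
    (r"Windows NT 5\.1", "Windows XP"),
    (r"Windows NT 5\.0", "Windows 2000"),
    (r"Windows NT", "Windows (NT family)"),
    (r"Mac OS X", "Mac OS X"),
    (r"Linux", "Linux"),
    (r"FreeBSD", "FreeBSD"),
]

def parse_headers(payload: bytes) -> dict:
    """Return the header block of an HTTP message as {lower-case name: value}."""
    head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:      # skip the request/status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def guess_os(payload: bytes) -> Optional[str]:
    """Guess the sender's OS from User-Agent (client) or Server (server)."""
    h = parse_headers(payload)
    banner = h.get("user-agent") or h.get("server") or ""
    for pattern, name in OS_TOKENS:
        if re.search(pattern, banner):
            return name
    # Server banners often carry the platform in parentheses, e.g. "(Unix)".
    m = re.search(r"\(([^)]+)\)", h.get("server", ""))
    return m.group(1) if m else None

if __name__ == "__main__":
    print("client:", guess_os(REQUEST))
    print("server:", guess_os(RESPONSE))
```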