LinuxQuestions.org - tcpdump output

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - tcpdump output (https://www.linuxquestions.org/questions/linux-security-4/tcpdump-output-73470/)

hampel

07-17-2003 03:19 AM

tcpdump output

Hello,

what means the '74' in this line?

09:41:30.052039 192.168.1.98.20127 > 192.168.1.2.22289: udp 74 (ttl 127, id 25246, len 102)

Thanks for help!

dai	07-17-2003 08:11 AM

not sure as Ive not used tcpdump but it looks like the UDP port number

or

maybe the size of the UDP packet

hampel

07-17-2003 09:36 AM

Hi,

now the port number is this behind the ip!

any suggestions?

german

07-17-2003 09:57 AM

I believe it has something to do with the flags set on the packet. The port numbers are bold, length is italics.

09:41:30.052039 192.168.1.98.20127 > 192.168.1.2.22289: udp 74 (ttl 127, id 25246, len 102)

hampel

07-17-2003 11:02 AM

I get packets with 'value' 44 or 165 instead of 74, too!

dai	07-17-2003 11:09 AM

Perhaps it indicates the size of the payload of the packet rather than the size of the whole packet????

hampel

07-17-2003 02:23 PM

i get many packets, and only with these numbers!
it guess it's the small icon in my taskbar (windows) which checks for new e-mail!

phoeniXflame

07-17-2003 02:44 PM

if my memmory serves me correctly its the size of the packets not including udp and ip protocol headers

dai	07-17-2003 04:18 PM

Quote:

Originally posted by phoeniXflame
if my memmory serves me correctly its the size of the packets not including udp and ip protocol headers

Yeah it sounds like its just the payload of the packet

hampel

07-18-2003 12:53 AM

Thanks!!

All times are GMT -5. The time now is 04:42 PM.