SNOOP: The Executable


by

Brendan D. Donahe
Jerome C. Parks


prepared for

A. K. Petersen
EE 464

December 11, 1996


ABSTRACT


TABLE OF CONTENTS

  1. ABSTRACT
  2. TABLE OF CONTENTS
  3. USING SNOOP.EXE
  4. UNDERSTANDING THE OUTPUT
  5. BACKGROUND
  6. REFERENCES
  7. NOTES
  8. THE CODE


USING SNOOP.EXE

<-- 32 bits wide -->
Ethernet destination address (first 32 bits)
Ethernet destination (last 16 bits) Ethernet source (first 16 bits)
Ethernet source address (last 32 bits)
Type Code
IP header, then TCP header, then your data

.... ....

end of your data

Ethernet Checksum
<-- 32 bits wide -->
Version IHL Type of Service Total Length
Identification Flags Fragment Offset
Time to Live Protocol Header Checksum
Source Address
Destination Address
TCP header, then your data .....
<-- 32 bits wide -->
Source Port Destination Port
Sequence Number
Acknowledgment Number
Data
Offset
Reserved U
R
G
A
C
K
P
S
H
R
S
T
S
Y
N
F
I
N
Window
Checksum Urgent Pointer
your data ... next 500 octets
.... ....


REFERENCES

  1. PC/TCP Packet Driver Specifications, Revision 1.09, FTP Software, Inc. September 14, 1989.


NOTES


THE CODE