Reputation: 21
get sequence number using winpcap
I am working on a project and I have a minor task of retrieving packet sequence numbers.Recently, I came to know about winpcap and I want to know whther I can retrieve sequence numbers from TCP headers.Please help
Upvotes: 0
Views: 523
Answers (2)
Reputation: 4204
You can retrieve the sequence number from the packet. WinPcap, after capturing a packet passes it to you as a byte sequence of type char*. You will need to use pointers and structures to get to the TCP Header(Refer to the WinPcap documentation) once you have a tcp header structure pointing at the start of the tcp header of the byte array, you can access the sequence number as a member of the structure DON'T forget to use ntohl() to convert the sequence number to host bit format.
Upvotes: 0
Reputation: 8736
winpcap is a library for sniffing packets. WinDump is a command-line utility (similar to tcpdump) that will display packets and sequence numbers (use -S to get absolute sequence numbers). WireShark is a GUI that will do it all for you.
Upvotes: 1
Related Questions
- TCP Sequence Number
- is it possible to get the TCP sequence number of SYN/ACK packet in TCP 3-way handshaking?
- TCP packet sequence number
- TCP sequence number question
- How to extract all the http request's tcp sequence numer with tshark?
- sequence number in TCP
- Sequence number TCP
- Grabbing Sequence Numbers of a tcp-packet
- Get tcp socket sequence number an ack number
- Reading TCP Sequence Number Before Sending a Packet