
December 2014

First timer

I need to do the following task:

1- Parse the PCAP file. You may use jpcap/jnetpcap library for this.
2- Find the distribution of the destination port numbers of the packets.
3- Output the distribution in sorted order once pcap is processed

I have attached the .pcap file below.

This is my output, but if someone can explain what I really need to output.
--------------------------------------------------------------------------------

frame #1
frame #2
frame #3
tcp.dst_port=80
tcp.src_port=2468
tcp.ack=0
tcp header::
Tcp: ******* Tcp offset=34 (0x22) length=32
Tcp:
Tcp: source = 2468
Tcp: destination = 80
Tcp: seq = 0x71D11B2E (1909529390)
Tcp: ack = 0x0 (0)
Tcp: hlen = 8
Tcp: reserved = 0
Tcp: flags = 0x2 (2)
Tcp: 0... .... = [0] cwr: reduced (cwr)
Tcp: .0.. .... = [0] ece: ECN echo flag
Tcp: ..0. .... = [0] ack: urgent, out-of-band data
Tcp: ...0 .... = [0] ack: acknowledgment
Tcp: .... 0... = [0] ack: push current segment of data
Tcp: .... .0.. = [0] ack: reset connection
Tcp: .... ..1. = [1] ack: synchronize connection, startup
Tcp: .... ...0 = [0] fin: closing down connection
Tcp: window = 65535
Tcp: checksum = 0x4E79 (20089) [correct]
Tcp: urgent = 0
Tcp:
Tcp: + MSS: offset=20 length=4
Tcp: code = 2
Tcp: length = 4
Tcp: mss = 1460
Tcp:
frame #4
frame #5
tcp.dst_port=2468
tcp.src_port=80
tcp.ack=71d11b2f
tcp header::
Tcp: ******* Tcp offset=34 (0x22) length=32
Tcp:
Tcp: source = 80
Tcp: destination = 2468
Tcp: seq = 0x2EB2C30A (783467274)
Tcp: ack = 0x71D11B2F (1909529391)
Tcp: hlen = 8
Tcp: reserved = 0
Tcp: flags = 0x12 (18)
Tcp: 0... .... = [0] cwr: reduced (cwr)
Tcp: .0.. .... = [0] ece: ECN echo flag
Tcp: ..0. .... = [0] ack: urgent, out-of-band data
Tcp: ...1 .... = [1] ack: acknowledgment
Tcp: .... 0... = [0] ack: push current segment of data
Tcp: .... .0.. = [0] ack: reset connection
Tcp: .... ..1. = [1] ack: synchronize connection, startup
Tcp: .... ...0 = [0] fin: closing down connection
Tcp: window = 16560
Tcp: checksum = 0x1C4D (7245) [correct]
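
The three steps of the task in the post above (parse the capture, count destination ports, print the counts sorted), as an added example that is not part of the original post and uses only the Python standard library rather than jpcap/jnetpcap. It assumes a classic (non-pcapng) Ethernet capture with IPv4 traffic; the function names and the sample capture are constructed for this example.

```python
import struct
from collections import Counter

# Classic pcap magics (micro- and nanosecond variants) -> struct byte order
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}

def dst_port(frame):
    """Return (proto, dst_port) for an Ethernet/IPv4 TCP or UDP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                                   # too short or not IPv4
    ihl = (frame[14] & 0x0F) * 4                      # IP header length in bytes
    frag_off = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
    l4 = 14 + ihl                                     # 34 when IP has no options
    if frame[23] not in (6, 17) or frag_off or ihl < 20 or len(frame) < l4 + 4:
        return None                                   # no usable TCP/UDP header
    return ("tcp" if frame[23] == 6 else "udp", struct.unpack_from("!H", frame, l4 + 2)[0])

def port_distribution(pcap):
    """Return (total_packets, Counter of (proto, dst_port)) for classic pcap bytes."""
    order = MAGICS.get(pcap[:4])
    if order is None or pcap[20:24] != struct.pack(order + "I", 1):
        raise ValueError("need a classic pcap with Ethernet linktype (pcapng not handled)")
    total, ports, off = 0, Counter(), 24              # records start after 24-byte header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from(order + "I", pcap, off + 8)[0]
        key = dst_port(pcap[off + 16:off + 16 + incl_len])
        if key:
            ports[key] += 1
        total, off = total + 1, off + 16 + incl_len
    return total, ports

def sorted_rows(ports):  # most frequent first, ties broken by protocol then port
    return sorted(ports.items(), key=lambda kv: (-kv[1], kv[0]))

def sample_pcap():
    """Constructed capture: 1 ARP, 2x tcp/80, 1x tcp/2468, 1x udp/53 (L4 cut to 8 bytes)."""
    def ip(proto, dport):
        hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                          bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
        return b"\x00" * 12 + b"\x08\x00" + hdr + struct.pack("!HHI", 1025, dport, 0)
    frames = [b"\xff" * 12 + b"\x08\x06" + b"\x00" * 28,
              ip(6, 80), ip(6, 2468), ip(6, 80), ip(17, 53)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    total, ports = port_distribution(sample_pcap())
    print("packets:", total, *(f"{p}/{n}={c}" for (p, n), c in sorted_rows(ports)))
```

Frames without a TCP or UDP header (the ARP frame here) still count toward the packet total but add nothing to the distribution.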

How to get the specific packet in an offline *.pcap file? And how to get the total number of an offline *.pcap file?

I want to parse an offline *.pcap file, and I have met the following problems.

How to get the specific packet in an offline *.pcap file?

And how to get the total number of packets of an offline *.pcap file?

device name

I have a question on getting the device information with PcapIf.

The way it provides me with the information now is like this:

#0: \Device\NPF_{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx} [Microsoft]
#1: \Device\NPF_{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx} [Microsoft]
#2: \Device\NPF_{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx} [Microsoft]
#3: \Device\NPF_{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx} [Realtek PCIe GBE Family Controller]

The last adapter has a name which makes sense to me.

Adapter #1, on the other hand, I know it's my Dell wifi adapter: Dell Wireless 1704 802.11b/g/n (2,4GHz)

My problem is that jnetpcap does get the device information just like Wireshark, but Wireshark makes the translation to a useful name such as Wi-Fi and Ethernet.

So my question is: is there a way to get useful names from the adapters, such as Wireshark does?