I was in lurk mode and was fascinated to see the reference to hex2ppp.
I've been unable to compile it though, as I am running on Linux and
apparently Linux's #defines for protocol constants have different names
than those in the include files of whatever system this code was
compiled on.

If you've been able to compile this code, can I ask where you obtained
the .h's?

Thanks,
Larry

On Mon, 10 Nov 1997, Andre Beck wrote:

> On Fri, Nov 07, 1997 at 09:34:03AM +0000, Rylan Luke wrote:
> > I am attempting to find a logon burp under NT 4 which causes my
> > Pipeline 75 to dial out.
> >
> > Using wddi from Diagnostics, I get a hex dump of the packet which
> > causes the dialout.
> >
> > I was promised a faxed document from Ascend Tech support which
> > explains what kind of data I am looking at... it never arrived.
> >
> > Here is the data from wddi; is this an IP packet?
> >
> > [0000]: 00 C0 7B 63 B1 1E 00 80 C8 86 26 F6 08 00 45 00
> > [0010]: 00 3C E9 05 00 00 1F 01 E5 BF C0 A8 64 66 A5 E3
> > [0020]: 02 0A 08 00 25 5C 01 00 27 00 61 62 63 64 65 66
> > [0030]: 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72
> >
> > I also looked on Ascend's web site, and couldn't find any documents
> > explaining this command, or the data format.
> >
> > Is there such a document; is this just a standard packet that I can
> > use an RFC to decode?
>
> It is simply a straight hexdump of a layer 2 frame, i.e. ethernet.
> It is Ethernet_II and from the protocol id 0800 you can be sure it
> indeed is IP. IP starts at offset 14 and is (as being IPv4) easily
> detected with the first nibble of a byte being 4 (and in most cases
> the whole byte being 45 due to normal [i.e. optionless] IP headers
> having 5 longwords).
> The rest can be analyzed if you have RFC 791, 792
> handy or with a nice little program that Phillip Vandry <vandry@Mlink.NET>
> posted to this list a while ago (<A HREF="http://www.mlink.net/~vandry/hex2ppp.html">http://www.mlink.net/~vandry/hex2ppp.html</A>):
>
> beck@micky:~ > hex2ppp/hex2ppp
> [0000]: 00 C0 7B 63 B1 1E 00 80 C8 86 26 F6 08 00 45 00
> [0010]: 00 3C E9 05 00 00 1F 01 E5 BF C0 A8 64 66 A5 E3
> [0020]: 02 0A 08 00 25 5C 01 00 27 00 61 62 63 64 65 66
> [0030]: 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72
> 00c07b63b11e0080c88626f60800 IPv4 <len=3c> <id=e905> <ttl 31> ICMP 192.168.100.102 --> 165.227.2.10 EchoRequest <code=0> <sum=255c> <id=256> <seq=9984> 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72
> ^D
>
> Yeah, normal ICMP echo request (i.e. ping) from 192.168.100.102 to
> 165.227.2.10 and likely to cause a dialout.
>
> Andre.
> --
>
> Kanther-Line: PGP SSH IDEA MD5 GOST RIPE-MD160 3DES RSA FEAL32 RC4
>
> +-o-+--------------------------------------------------------+-o-+
> | o |                 \\\- Brain Inside -///                 | o |
> | o |                     ^^^^^^^^^^^^^^                     | o |
> | o | Andre' Beck (ABPSoft) beck@ibh-dd.de XLink PoP Dresden | o |
> +-o-+--------------------------------------------------------+-o-+
> ++ Ascend Users Mailing List ++
> To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
> To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>>
>
</PRE>
<!--X-MsgBody-End-->
</BODY>
</HTML>
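The decoding steps Andre Beck describes in the quoted reply (Ethernet II, protocol id 0800, IP at offset 14), carried through in Python as an added example; this is not hex2ppp and not code from the thread, and the function names are illustrative. It goes one step further than the reply by verifying the IPv4 header checksum and comparing the IP total length with the bytes actually captured, which shows that this wddi dump holds 14 bytes fewer than the header announces.

```python
import re
import struct

# Added example (not hex2ppp); function names are illustrative.
# The wddi dump quoted in the thread, copied verbatim.
WDDI_DUMP = """\
[0000]: 00 C0 7B 63 B1 1E 00 80 C8 86 26 F6 08 00 45 00
[0010]: 00 3C E9 05 00 00 1F 01 E5 BF C0 A8 64 66 A5 E3
[0020]: 02 0A 08 00 25 5C 01 00 27 00 61 62 63 64 65 66
[0030]: 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72
"""

def parse_dump(text):
    """Turn '[offset]: xx xx ...' lines into bytes; leading '> ' quoting is ignored."""
    out = bytearray()
    for line in text.splitlines():
        m = re.search(r"\[[0-9A-Fa-f]{4}\]:((?:\s+[0-9A-Fa-f]{2})+)", line)
        if m:
            out += bytes.fromhex("".join(m.group(1).split()))
    return bytes(out)

def inet_checksum_ok(data):
    """RFC 791: the one's-complement sum over a valid header folds to 0xFFFF."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def decode(frame):
    """Decode Ethernet II / IPv4 / ICMP; raise ValueError for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an Ethernet II frame carrying IPv4")
    ip = frame[14:]                       # IP starts at offset 14
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header")
    total_len, ident, _, ttl, proto = struct.unpack("!HHHBB", ip[2:10])
    info = {
        "ip_len": total_len, "ip_id": ident, "ttl": ttl, "proto": proto,
        "src": ".".join(map(str, ip[12:16])),
        "dst": ".".join(map(str, ip[16:20])),
        "ip_sum_ok": inet_checksum_ok(ip[:ihl]),
        "truncated_by": max(0, total_len - len(ip)),  # bytes missing from the dump
    }
    if proto == 1 and len(ip) >= ihl + 8:  # ICMP header: type, code, sum, id, seq
        t, code, csum, icmp_id, seq = struct.unpack("!BBHHH", ip[ihl:ihl + 8])
        info.update(icmp_type=t, icmp_code=code, icmp_sum=csum, icmp_id=icmp_id, icmp_seq=seq)
    return info
```

On the dump above, `decode(parse_dump(WDDI_DUMP))` reports the same field values as the hex2ppp output quoted in the thread. Because the capture is cut short, the ICMP checksum cannot be recomputed from it, so only the IP header checksum is verified.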