Packet capture quick info on determining network, server, or client

Started by dlots, November 19, 2015, 12:42:16 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

dlots

November 19, 2015, 12:42:16 PM
I did a webanar today on packet caps and it was pretty good, the main things I found that are useful are:

If the time from syn to syn-ack is smaller = capturing at the server
Time from syn-ack to ack is smaller = capturing at the client

Time from syn to syn-ack = your network round trip timer
Time from ack to request = client delay
Time from request to response = server delay.

deanwebb

#1
November 19, 2015, 12:45:10 PM
That's a handy set of tips. Thanks!
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

SofaKing

#2
November 20, 2015, 01:13:18 PM
Nice!!!  Thanks!!!
Networking -  You can talk about us but you can't talk without us!

fsck

#3
November 20, 2015, 04:57:43 PM
I'm starting to look into packet captures so that information helped thank you.
Print
Go Up Pages1
User actions