packet
When will a TCP network packet be fragmented at the application layer?
It will be split when it hits a network device with a lower MTU than the packet’s size. Most ethernet devices are 1500, but it can often be smaller, like 1492 if that ethernet is going over PPPoE (DSL) because of the extra routing information, even lower if a second layer is added like Windows … Read more
Capture incoming traffic in tcpdump
In Bash shell try this: tcpdump -i eth0 tcp and dst host $MyIpAddress and not src net $MyNetworkAddress/$myNetworkBytes or this equivalent formulation: tcpdump -i eth0 ip proto \\tcp and dst host $MyIpAddress and not src net $MyNetworkAddress/$myNetworkBytes On my system this resolves to something like: tcpdump -i eth0 tcp and dst host 10.0.0.35 and not … Read more
Does TCP send a SYN/ACK on every packet or only on the first connection?
It’s kinda like: +——————————————————-+ | client network server | +—————–+ +——————–| | (connect) | —- SYN —-> | | | | <– SYN,ACK — | (accepted) | | (connected) | —- ACK —-> | | \_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/ when client sends… \_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/\_/ | | | | | (send) | —- data —> | | | | <—- … Read more
iPhone and WireShark [closed]
Update (2021-04-01): Paros no longer can be easily installed and run on many OS’s due to using an extremely old version of Java. However there is now OWASP ZAP which is a fork of Paros and can be used to achieve the same ends. Basic steps are: Install ZAP’s root CA certificate on your iOS … Read more
What is the mask in a WebSocket frame?
Websockets are defined in RFC6455, which states in Section 5.3: The unpredictability of the masking key is essential to prevent authors of malicious applications from selecting the bytes that appear on the wire. In a blog entry about Websockets I found the following explanation: masking-key (32 bits): if the mask bit is set (and trust … Read more
JavaScript WebSockets with UDP?
It sounds like what you’re waiting for is WebRTC which is working it’s way through the standards process. WebSockets, as other people have pointed out, run over TCP as a result of initiating with an HTTP Upgrade.