wireshark数据分析学习
来源:互联网 发布:儿童编程游戏 编辑:程序博客网 时间:2024/05/17 22:37
wireshark数据分析--http
选择一个http封包,选中该封包可在窗口下方查看详情,进行分析。
Frame 23: 241 bytes on wire (1928 bits), 241 bytes captured (1928 bits) 23帧241个字节(1928位)上线,捕获了241字节(1928位)
Encapsulation type: Ethernet (1) 封装类型:以太网(1)
Arrival Time: Jan 20, 2015 11:14:27.295248000 中国标准时间 到达时间:一月22,2015 11:14:27.295248000
Time shift for this packet: 0.000000000 seconds 此包时移:0.000000000秒
Epoch Time: 317186067.295248000 seconds 划时代时间:317186067.295248000秒
Time delta from previous captured frame: 0.014069000 seconds 从以前捕获的帧的时间差:0.014069000秒
Time delta from previous displayed frame: 0.014069000 seconds 从以前的帧显示的时间差:0.014069000秒
Time since reference or first frame: 13.510681000 seconds 自引用或第一帧时间:13.510681000秒
Frame Number: 23 帧编号:23
Frame Length: 241 bytes (1928 bits) 帧长度:241个字节(1928位)
Capture Length: 241 bytes (1928 bits) 捕获长度:241个字节(1928位)
Frame is marked: False 帧标记:虚假
Frame is ignored: False 帧被忽略:虚假
Protocols in frame: eth:ethertype:ip:tcp:http 帧协议:eth:ethertype:ip:tcp:http n
Number of per-protocol-data: 1 每个协议数据量:1
[Hypertext Transfer Protocol, key 0] 超文本传输协议,键值0
Coloring Rule Name: HTTP 着色规则名称:HTTP
Coloring Rule String: http || tcp.port == 80 || http2 着色规则字符串http || tcp.port == 80 || http2
Ethernet II, Src: Htc_46:48:8c (64:a7:69:46:48:8c), Dst: IETF-VRRP-VRID_8c (00:00:5e:00:01:8c) 以太网II,源Htc_46:48:8c (64:a7:69:46:48:8c), 目标: IETF-VRRP-VRID_8c (00:00:5e:00:01:8c)
Destination: IETF-VRRP-VRID_8c (00:00:5e:00:01:8c) 目的地:IETF-VRRP-VRID_8c (00:00:5e:00:01:8c)
Address: IETF-VRRP-VRID_8c (00:00:5e:00:01:8c) 地址:IETF-VRRP-VRID_8c (00:00:5e:00:01:8c)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) LG位:全局唯一地址(出厂默认)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) LG位:独特地址(单广播)
Source: Htc_46:48:8c (64:a7:69:46:48:8c) 来源: Htc_46:48:8c (64:a7:69:46:48:8c)
Address: Htc_46:48:8c (64:a7:69:46:48:8c) 地址:Htc_46:48:8c (64:a7:69:46:48:8c)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)LG位:全局唯一地址(出厂默认
.... ...0 .... .... .... .... = IG bit: Individual address (unicast) LG位:独特地址(单广播)
Type: IP (0x0800) 类型: IP (0x0800)
Internet Protocol Version 4, Src: 10.10.141.74 (10.10.141.74), Dst: 106.38.179.49 (106.38.179.49) 网络t协议版本IPV4,来源:10.10.141.74 (10.10.141.74), 目标: 106.38.179.49 (106.38.179.49)
Version: 4 网络t协议版本IPV4
Header Length: 20 bytes 报头的长度:20字节
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))区分服务领域:为0x00(DSCP:默认为0x00; ECN:0x0的:不ECT(不支持ECN的运输))
0000 00.. = Differentiated Services Codepoint: Default (0x00) 区分服务领域代码点数默认(0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00) 基于显示反馈的协议不ECT(不支持ECN的运输)(0x00)
Total Length: 227总长度:227
Identification: 0x9720 (38688) 标识: 0x9720 (38688)
Flags: 0x02 (Don't Fragment) 标志: 0x02 (Don't Fragment)
Fragment offset: 0 片段偏移:0
Time to live: 64 生存时间:64
Protocol: TCP (6) 协议: TCP (6)
Header checksum: 0xee48 [validation disabled] 头校验和: 0xee48
Source: 10.10.141.74 (10.10.141.74) 来源:10.10.141.74 (10.10.141.74)
Destination: 106.38.179.49 (106.38.179.49) 目标106.38.179.49 (106.38.179.49)
Source GeoIP: Unknown 来源基于IP查询的地理位置:未知
Destination GeoIP: Unknown目标基于IP查询的地理位置:未知
Transmission Control Protocol, Src Port: 40475 (40475), Dst Port: 80 (80), Seq: 1, Ack: 1, Len: 175 TCP协议,源端口号: 40475 (40475),目标端口号 80 (80), Ack: 1, 长: 175
Source Port: 40475 (40475) 源端口号: 40475 (40475)
Destination Port: 80 (80)目标端口号 80 (80)
Stream index: 5 流指数:5
TCP Segment Len: 175 TCP 节片长:175
Sequence number: 1 (relative sequence number) 序列号:1
Next sequence number: 176 (relative sequence number) 下一个序列号:176
Acknowledgment number: 1 (relative ack number)确认通知序列号:1
Header Length: 32 bytes 报头的长度:32字节
.... 0000 0001 1000 = Flags: 0x018 (PSH, ACK).... 0000 0001 1000 = 标志:0x018 (PSH, ACK)....
Window size value: 8030 窗口大小:8030
Calculated window size: 64240 计划窗口大小:64240
Window size scaling factor: 8:窗口大小缩放因子:8
Checksum: 0xb3c4 [validation disabled]校验和: 0xb3c4
Hypertext Transfer Protocol:http
GET /static/appsapi/conf/config.txt?cdnversion=5286434 HTTP/1.1\r\n:获取 /static/appsapi/conf/config.txt?cdnversion=5286434 HTTP/1.1\r\n
Expert Info (Chat/Sequence): GET /static/appsapi/conf/config.txt?cdnversion=5286434 HTTP/1.1\r\n 专家信息(聊天/序列)获取/static/appsapi/conf/config.txt?cdnversion=5286434 HTTP/1.1\r\n
Request Method: GET 请求方式:GET
Request URI: /static/appsapi/conf/config.txt?cdnversion=5286434 请求网址:/static/appsapi/conf/config.txt?cdnversion=5286434
Request Version: HTTP/1.1 请求版本:HTTP/1.1
Host: wappass.bdimg.com\r\n 主机:wappass.bdimg.com\r\n
Connection: Keep-Alive\r\n 连接:连接重用\r\n
User-Agent: Baidu-Android-Lib-V1.0\r\n用户代理: Baidu-Android-Lib-V1.0\r\n
Accept-Encoding: gzip\r\n浏览器支持的编码类型gzip\r\n
- wireshark数据分析学习
- wireshark 分析过滤数据
- 网络数据分析利器Wireshark
- WireShark数据包分析数据封装
- Wireshark 数据分析(一)
- Wireshark 数据分析(二)
- Wireshark 数据分析(三)
- Wireshark-ICMP数据报分析
- Wireshark-DNS数据报分析
- Wireshark 数据分析(一)
- Wireshark 分析 UDP 数据帧实例
- 利用WireShark抓包进行数据分析
- WireShark基本抓包数据分析
- tcpdump+wireshark分析数据笔记(1)
- tcpdump+wireshark分析数据笔记(2)
- Wireshark-UDP数据报分析&&广播
- WireShark对于WIFI数据帧的分析
- wireshark抓包数据:理解与分析
- SQL Server中收缩、清空和删除数据库文件及日志文件
- HDU 5266 【tarjan--水】
- redis windows下的环境搭建
- VC MFC 屏蔽ESC和ENTER键关闭对话框
- linux内核添加新驱动,并添加到menuconfig菜单
- wireshark数据分析学习
- 自动登录,记住密码功能实现
- 数据结构之---C语言实现广义表头尾链表存储表示
- 手机APP测试要点总结
- redis配置文件redis.conf的详细说明
- toString参数说明
- iOS知识小集 第一期(2015.05.10)
- 2.9 带平滑线的散点图
- nginx学习(1):编译、安装、启动