I’m packet sniffing using jpcap, and I’m wondering how I can find out which request the response is for. The HTTP header fields don’t even state the address of the server, and there are no ID’s.
Do I need to check ports or something?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m packet sniffing using jpcap, and I’m wondering how I can find out which request the response is for. The HTTP header fields don’t even state the address of the server, and there are no ID’s.
Do I need to check ports or something?
It sounds like you’re looking at captured IP packets without understanding how TCP connections work. The answer is that the HTTP headers don’t include the address of the server, because they don’t need to. The HTTP data is set across a TCP connection, which manages the source and destination addresses for each packet.
A TCP connection is like a virtual “pipe” between the client and the server. Any data sent on a TCP connection either:
Even if the individual IP packets might be fragmented and arrive at the destination in a different order from what was sent, TCP will sort all that out and present the receiver with a consistent, guaranteed view of the same data the sender put into the pipe.