ip/tcp signal processing

bwanaaa

How much information (in bytes) of the TCP/IP header identifies a packet uniquely? In other words, if I collect a bunch of packets streaming off the net, how would I know which bytes to read off each packet so that I could identify the packets that refer to my message?

Do the packet headers have a certain format?

Now for the really weird, way out there question:



If an ET were listening to our internet traffic, could they decode it without knowing the format?
 

Markbnj

You've at least got the IP address and port, and there may be other unique identifying features. But I don't know if that satisfies your need to know it is part of your message. There could be other traffic to the same IP and port.

Could aliens decipher packets? I would think so, but it would be harder than deciphering written language or speech, because some of the conversants aren't human, so you can't make easy assumptions to get started. If they had multi-sensory capabilities and could correlate packet activity and content with events and phases of life around the planet that would probably give them a leg up.
 

jersiq

Yes, TCP, IP and Ethernet headers follow the RFCs that define them.

For example:
IP headers
TCP Headers
Ethernet Headers

It was decided to standardize a long time ago (since inception) to prevent two nodes not being able to talk to one another.

Any sniffer worth its salt would be able to parcel out the data in the payload. Problem is that it is in HEX, and you have to know what the application is processing with said data.
If it's TCP, then all that you have to do is look at the ACK sequence to determine the order of the packets. In fact, Wireshark will link you to other relevant packets in your capture.

How would an ET listen to our Internet traffic without us knowing? I am sure if a baseline was established by looking at one node's traffic, a pattern would emerge based on the same IP, MAC, and habits of the user.
Heck, look at the cribs that Bletchley Park came up with in order to crack the Enigmas.
 

bfrazier

Originally posted by: bwanaaa
How much information (in bytes) of the TCP/IP header identifies a packet uniquely? In other words, if I collect a bunch of packets streaming off the net, how would I know which bytes to read off each packet so that I could identify the packets that refer to my message?

Do the packet headers have a certain format?

Now for the really weird, way out there question:



If an ET were listening to our internet traffic, could they decode it without knowing the format?

Packet Identification: 16 bits (so two bytes in answer to your question) - the value assigned by a sender to help reassemble the datagram fragments. These are the 32nd through 48th bits in a header or Octet 5 and 6, if I understand your question - maybe I don't.

This would not be the source nor the destination IPs, just the Packet ID.

Yes, packet headers have a very precise format.

There are plenty of graphics that illustrate such headers. http://www.ciscopress.com/arti...p=348253&seqNum=4&rl=1

Bonus weird question's possible answer: I think some ETs could figure out the format easily enough, but that none could begin to make sense of the data stream without at least that basic understanding. It is possible that you are an alien in search of precisely that information.

Bob
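The header fields discussed in this thread, as an added example that is not part of any post: it reads the IPv4 Identification field, the addresses, the TCP ports and the sequence number from raw bytes, groups packets by their 5-tuple, and orders each group's payload by sequence number. The addresses, ports and packet contents are constructed sample data, and the sort assumes no sequence wraparound, retransmissions or IP fragmentation.

```python
import socket
import struct
from collections import defaultdict

def build_packet(src, dst, sport, dport, seq, ip_id, payload):
    """Build a minimal IPv4+TCP packet for the demo (checksums left as 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                      5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), ip_id, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp

def parse_packet(raw):
    """Return (flow 5-tuple, IP ID, TCP seq, payload), or None if not IPv4/TCP."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None
    ihl = (raw[0] & 0x0F) * 4                      # IP header length; options make it > 20
    total_len, ip_id = struct.unpack_from("!HH", raw, 2)   # bytes 2-3 and 4-5
    proto = raw[9]                                 # 6 = TCP
    if proto != 6 or ihl < 20 or len(raw) < ihl + 20:
        return None
    src, dst = socket.inet_ntoa(raw[12:16]), socket.inet_ntoa(raw[16:20])
    sport, dport, seq = struct.unpack_from("!HHI", raw, ihl)
    data_off = (raw[ihl + 12] >> 4) * 4            # TCP header length in bytes
    payload = raw[ihl + data_off:total_len]
    return (src, sport, dst, dport, proto), ip_id, seq, payload

def reassemble(packets):
    """Group payloads by 5-tuple and join each flow in sequence-number order."""
    flows = defaultdict(list)
    for raw in packets:
        parsed = parse_packet(raw)
        if parsed:
            flow, _ip_id, seq, payload = parsed
            flows[flow].append((seq, payload))
    return {f: b"".join(p for _, p in sorted(segs)) for f, segs in flows.items()}

# Constructed capture: two senders, packets out of order, IP ID 7 used by both hosts.
CAPTURE = [
    build_packet("192.0.2.10", "198.51.100.5", 40000, 80, 1006, 7, b"world"),
    build_packet("192.0.2.99", "198.51.100.5", 40000, 80, 1000, 7, b"other host"),
    build_packet("192.0.2.10", "198.51.100.5", 40000, 80, 1000, 8, b"hello "),
]
```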

 

bwanaaa

Originally posted by: jersiq
.... Problem is that it is in HEX, and you have to know what the application is processing with said data. .
That shouldn't be too hard if all I wanted to do was read unencrypted text, and I knew the alphabet and had a dictionary.

look at the cribs that Bletchley Park came up with in order to crack the Enigmas.

Could you direct me to an account of this? No, I am not lazy, just stupid. Google gave me what felt like a googleplex of references. What are 'cribs'?