A


P P E N D I X


C


Packet Header 


Formats


nort rules use the protocol type field to distinguish among different


S


protocols. Different header parts in packets are used to determine


the type of protocol used in a packet. In addition, rule options can test


many of the header fields. This appendix explains headers of different


protocols. These packet headers are explained in detail in RFCs. Under 


standing different parts of these packet headers is very important for writ 


ing effective Snort rules.


IP Packet Header


The basic IPv4 header consists of 20 bytes. An options part may be present after these


20 bytes. This optional part may be up to forty bytes long. Structure of IP header is


present in Figure C 1.


V


IHL


TOS


Total Length


ID


F


Frag Offset


TTL


Protocol


Header Checksum


Source Address


Destination Address


Figure C 1 IP header


237








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      toronto web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved