Re: match packets at sender and receiver

[Andrej van der Zee <andrejvanderzee () gmail com>]

Hi,

Thanks for your reply.

> >
> It partially depends upon the nature of the traffic. Simple cases
> wherein the data is encapsulated via tcp AND ip allow you to infer which
> interface sent the traffic and additionally allow you to infer
> temporality-tracking differences between hosts by matching up timestamps
> and sequence numbers. Other packet-formatting combinations may provide
> fewer data-points for you to utilize while engaging in the measurement
> exercises you indicated interest in.  I'd be interested to hear if
> anyone's successfully made use of protocol-independent techniques.

Mostly I am concerned with TCP but a protocol-independent technique is
definitely preferred! Anybody?

Thank you,
Andrej
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe