Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Networking > tcpdump filters quiz > Flashcards

tcpdump filters quiz Flashcards

1
Q

If the source address begins in byte 12 offset from 0 of an IP header, and the
destination address begins at byte 16, which tcpdump filter could you use to
find records where the source and destination IP addresses are the same?

A

ip[12:4] = ip[16:4]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

If the destination address begins in byte 16 offset from 0 in an IP header,
which tcpdump filter would you use to see whether the destination address is
the network address “x.x.x.0”?

A

ip[19] = 0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Given the following set of TCP flags found at the 13th byte of the TCP header,
which tcpdump filter would you use to find TCP records where both the SYN flag
and the FIN flag are set?

|xxx|xxx|URG|ACK|PSH|RST|SYN|FIN|

A

tcp[13] & 0x02 != 0 and tcp[13] & 0x01 != 0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Networking (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions