[Tutor] ICMP checksum
the taloner
taloner at gmail.com
Tue Sep 27 16:53:44 CEST 2005
Thanks Kent,
It worked for the checksum.
Only thing that i am still confused with is the part where sequence numbers
are concerned. In the tcpdump o/p I still see seq as 0 over multiple
packets.
Regards
On 9/27/05, Kent Johnson <kent37 at tds.net> wrote:
>
> the taloner wrote:
> > Hi list,
> >
> > I was just playing around with one of the examples given in Python
> > cook-book. This examples show you how to send data using ICMP packets.
> > http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/439224
> >
> > While running the script I encountered a problem which was with the
> > statement
> >
> > icmp.set_icmp_cksum(0)
> >
> > The error encountered was
> >
> > Traceback (most recent call last):
> > File "icmpdata.py", line 38, in ?
> > icmp.set_icmp_chksum(0)
> > AttributeError: ICMP instance has no attribute 'set_icmp_chksum'
>
> This recipe uses a package called impacket which is available from
> http://oss.coresecurity.com/projects/impacket.html
>
> Looking at the implementation of ICMP in the latest release of
> ImpactPacket.py, the correct spelling of the method is 'set_icmp_cksum'
>
> Kent
>
> >
> >
> > So I did the next logical thing, commented the line in code (which
> > appears twice). Script ran smoothly and I captured the traffic using
> > tcpdump.
> > When the script sends first 54 bytes everything is good. When I send a
> > longer data string, and the script is forced to split the data over
> > multiple packets I start fasing a problem with checksum.
>
> That shouldn't be too surprising if you commented out the line that sets
> the checksum!
>
> >
> > 17:36:36.198543 IP (tos 0x0, ttl 255, id 16951, offset 0, flags [none],
> > length: 82) 192.168.3.37 <http://192.168.3.37> <http://192.168.3.37> >
> 192.168.3.36 <http://192.168.3.36>
> > <http://192.168.3.36>: icmp 62: echo reply seq 0
> > 0x0000: 0002 3fb9 17fe 000c 299c e8a5 0800 4500 ..?.....).....E.
> > 0x0010: 0052 4237 0000 ff01 f1d9 c0a8 0325 c0a8 .RB7.........%..
> > 0x0020: 0324 0000 bab9 0001 0000 6161 6161 6161 .$........aaaaaa
> > 0x0030: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> > 0x0040: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> > 0x0050: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> > 17:36:37.198470 IP (tos 0x0, ttl 255, id 16952, offset 0, flags [none],
> > length: 82) 192.168.3.37 <http://192.168.3.37> <http://192.168.3.37> >
> 192.168.3.36 <http://192.168.3.36>
> > <http://192.168.3.36>: icmp 62: echo reply seq 0 (wrong icmp cksum bab9
> > (->bab8)!)
> > 0x0000: 0002 3fb9 17fe 000c 299c e8a5 0800 4500 ..?.....).....E.
> > 0x0010: 0052 4238 0000 ff01 f1d8 c0a8 0325 c0a8 .RB8.........%..
> > 0x0020: 0324 0000 bab9 0002 0000 6161 6161 6161 .$........aaaaaa
> > 0x0030: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> > 0x0040: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> > 0x0050: 6161 6161 6161 6161 6161 6161 6161 6161 aaaaaaaaaaaaaaaa
> >
> > Also as you can see that seq is not increasing as ideally it should have
> > been as directed by this line:
> >
> > seq_id = seq_id + 1
> >
> > Can someone give some light on these issues?
> >
> > Thanks
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Tutor maillist - Tutor at python.org
> > http://mail.python.org/mailman/listinfo/tutor
>
> _______________________________________________
> Tutor maillist - Tutor at python.org
> http://mail.python.org/mailman/listinfo/tutor
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/tutor/attachments/20050927/d1c4b984/attachment.htm
More information about the Tutor
mailing list