So, for the CS project, I have to sniff the network stream and create files from this stream. For example, if the program is pointed to ~ / dumps / tmp /, then the directory structure will be as follows:
~ / dumps / TMP /192.168.0.1/ page1.html page2.html [various resources for pages 1 and 2] uploaded file1 /192.168.0.2/ so on and so forth
I do this in C and pcap on linux (since I already know C ++ and I think that the learning experience will be good).
So far, I have looked at various header formats for TCP / IP.
TCP Header
I suppose I can sort the packages by their dst / src, and then arrange them correctly using the sequence and confirmation windows.
But does that leave me with a big one? how to find out how az packages are part of the html file and part of the AZ of some downloadable random file, etc.?
Also, what other kind of header formats should I look for? I currently have:
I would post more hyperlink images, but I probably need a reputation to do this, sorry
TCP, Ethernet, UDP, and I will manage things like FTP (but I'm sure FTP is built on top of TCP, like HTTP)
So, in a nutshell, how do I find the files in the network stream, and are there any missing major protocols that I will need to read?
WORD
I cannot figure out how to answer, so this will need to be done.
pcap , - Wiresharks ( ), .
, OSI, , ?
, , "" .