in reply to Finding patterns in packet data?

I have already sniffed the packets using Win2K's built in network monitor. I have text files that contain the byte information of each packet sent between the boxes. The application that I am testing claims to insert a special value into each packet so that the receiving application knows it came from the correct source. So, basically what I have is a lot of hex data that I'm trying to compare to see if I can determine what the "magic number" is, if it changes between runs, etc. Basically the problem is - given several sets of hex data, how do I find the patterns that show up in the largets number of sets?
  • Comment on (Guildenstern) Re: Finding patterns in packet data?

Replies are listed 'Best First'.
(jjhorner) RE: Finding patterns in packet data?
by jjhorner (Hermit) on Aug 04, 2000 at 21:35 UTC

    You should be able to tell where the number will be in the packet. Once you do, you will have to either search the hex data for the number at that substr, or unpack and search the new data. 

    J. J. Horner
Linux, Perl, Apache, Stronghold, Unix
jhorner@knoxlug.org http://www.knoxlug.org/
[reply]

In Section Seekers of Perl Wisdom