[ARGUS] How to decipher ports
Carter Bullard
carter at qosient.com
Sat Aug 15 10:16:28 EDT 2020
Hey Monah,
If the ports are printed in hex, its usually because they are ICMP traffic …
An 0x08 in the sport field is an ICMP_ECHO packet, and the 0x367c is the sequence number for the pings.
Hope this helps …
Carter
> On Aug 14, 2020, at 1:14 PM, Monah Baki <monahbaki at gmail.com> wrote:
>
> Hi all,
>
> I'm seeing a lot of (from Russia)
>
> 185.141.225.2.0x0008 1960 RU x.x.x.x.0x367c
>
> How to figure out what the ports are?
>
>
> Thanks
> Monah
> _______________________________________________
> argus mailing list
> argus at qosient.com
> https://pairlist1.pair.net/mailman/listinfo/argus
More information about the argus
mailing list