This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

PDU on ICMP?

0

Hi guys

My teacher asked us to analyse a computer's network and answer a couple of questions. If we found ICMP v4 and v6 (which i was able to asnswer), what are the size of the ethernet frames (which i was also able to answer), which is the size of ICMP data (which i was also able to answer) so, you see, that kind of thing about ICMP.

What i didn't get is that: he asked us to answer which PDU's ICMP have been captured? (???) (I've looked about 10 video lessons about ICMP on youtube and couldn't find anything about it!) And he also asks the difference between the size of the PDUs that have been captured. Well it would help if I only knew what are those pdus on icmps or anything of that sort.

I'm sorry I'm kind of stupid on the subject, but please do answer me, even if you are not really sure too, anything will help anything will do i'm just lost and any kind of help will be appreciated.

Thank you.

asked 02 Nov '16, 11:43

pbennett's gravatar image

pbennett
6112
accept rate: 0%

(02 Nov '16, 13:35) Christian_R

One Answer:

1

ICMP is a rudimentary messaging system, and is also used to test connectivity. Leaving aside connectivity testing, which is done with ping, many ICMP packets return the original packet--or the first few bytes of the original packet--that triggered the ICMP message.

So I'd suggest using Wireshark to see what's in the ICMP. Expand the Internet Control Message Protocol section in the Packet Details pane and see what's listed there.

I think what your teacher is asking is: "Was this ICMP generated in response to an IP packet, a TCP datagram, a UDP datagram, etc.?"

answered 02 Nov '16, 15:26

Jim%20Aragon's gravatar image

Jim Aragon
7.2k733118
accept rate: 24%