01 December 2020

Pcap Header

Format pcap file 



Dalam Global Header, ada timzone info.

Dalam Packet Header ada timestamp.

Dalam Packet Data ada network traffic yg lalu (dihantar/diterima) NIC tersebut.


Packet vs Frame

Frame is refer to data link layer
Packet refer to network layer




Ref:

- https://www.elvidence.com.au/understanding-time-stamps-in-packet-capture-data-pcap-files/