Which of the following packets saved in the file pingout.pcap would be returned with the following Berkley Packet Filters? tcpdump -nn -r pingout.pcap `˜icmp and (dst host 8.8.8.8)'
Which of the following packets saved in the file pingout.pcap would be returned with the following Berkley Packet Filters? tcpdump -nn -r pingout.pcap `˜icmp and (dst host 8.8.8.8)'
The Berkley Packet Filter (tcpdump) specified is looking for ICMP packets where the destination host is 8.8.8.8. Option D captures an ICMP echo request where the destination IP address is 8.8.8.8, which aligns perfectly with the filter criteria. The other options either pertain to different protocols (UDP, TCP) or have different source/destination IP addresses that do not match the filter requirements.
Okay, so filters are ICMP protocol and destination IP address 8.8.8.8 A - protocols is UDP, so not correct B - 8.8.8.8 is source IP address, so not correct C - Flags [S] indicates that this is a TCP SYN flag, which means that protocol is TCP, so not correct D - protocol is ICMP and destination IP address is 8.8.8.8 - CORRECT