25 marzec 2008

XTP???

Jeden z monitorowanych przeze mnie IDSów "złapał" bardzo ciekawy pakiet. Nie powinien dotrzeć (przy dobrze skonfigurowanym firewallu), ale przyroda płata figle;)

ff ff ff ff ff ff 00 1a 64 27 57 03 08 00 45 00 ........ d'W...E.
00 00 00 00 ff 0c 08 36 34 32 37 35 37 30 ff ff .......6 427570..
ff ff 00 44 00 43 01 1e 2b 72 01 01 06 00 64 27 ...D.C.. +r....d'
57 19 00 00 80 00 00 00 00 00 00 00 00 00 00 00 W....... ........
00 00 00 00 00 00 00 1a 64 27 57 03 00 00 00 00 ........ d'W.....
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 63 82 53 63 35 01 01 33 04 ff ......c. Sc5..3..
ff ff ff 0c 08 36 34 32 37 35 37 30 33 37 03 01 .....642 757037..
03 06 ff 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........


Czy to XTP? (IP proto = 36)

Whois mówi o amerykańskich serwerach:

NetRange: 55.0.0.0 - 55.255.255.255
CIDR: 55.0.0.0/8
NetName: ARMY-RCAS
NetHandle: NET-55-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS01.ARMY.MIL
NameServer: NS02.ARMY.MIL
NameServer: NS03.ARMY.MIL
Comment:
RegDate: 1996-10-26
Updated: 2007-04-06


A co na to wikipedia?


Xpress Transport Protocol (XTP) is a transport layer protocol for high-speed networks promoted by the XTP Forum developed to replace TCP. XTP provides protocol options for error control, flow control, and rate control. Instead of separate protocols for each type of communication, XTP controls packet exchange patterns to produce different models, e.g. reliable datagrams, transactions, unreliable streams, and reliable multicast connections.
XTP does not employ congestion avoidance algorithms. XTP is a real-time option at Layer 4 for the US Navy SAFENET LAN Profile.


Tak czy siak, mam okazję żeby nauczyć się czegoś nowego - z XTP wcześniej się nie spotkałem. Ba! Nawet nie słyszałem;)



Autor: Wojciech Wirkijowski o 15:51
Etykiety: , ,

0 komentarze:

Prześlij komentarz

Subskrybuj: Komentarze do posta (Atom)