| 1 TIME: | 17:25:32.394378 (0.314456) |
| 2 LINK: | 00:80:19:42:21:68 -> 00:D0:58:A9:30:52 type=IP |
| 3 IP: | 207.226.3.43 -> 216.32.69.186.25 hlen=20 TOS=00 dgramlen=472 id=3DC2 |
| MF/DF=0/1 frag=0 TTL=255 proto=TCP cksum=4B75 | |
| 5 TCP: | port 2064 -> smtp seq=0122753662 ack=4082691367 |
| hlen=20 (data=432) UAPRSF=011000 wnd=17520 cksum=C20C urg=0 | |
| 7 DATA: | X-Sender: aaron@mail.cdtmail.org. |
| Message-Id: | |
| Date: Fri, 21 Jul 2000 17:27:27 -0400. | |
| 10 | To: paul.taylor@mail.house.gov. |
| 11 | From: Alan Davidson |
| 12 | Subject: Thanks for your help. |
| 13 | Content-Type: text/plain; charset=“us-ascii” ; format=“flowe |
| 14 | d”. |
| 15 | . |
| 16 | Paul,. |
| 17 | . |
| 18 | Thanks for your help in locating a projector for Monday's he |
| 19 | aring. I . |
| 20 | will be forwarding my testimony shortly.. |
| 21 | . |
| 22 | Alan Davidson. |
| 23.. |
4The tools used in the packet collection are freeware tools available for UNIX operating systems. The packet sniffing was done by tcpdump written by Van Jacobson, Craig Leres and Steven McCanne of the Lawrence Berkeley National Laboratory. The formatting of the packets into text was done by tcpshow written by Mike Ryan.
| 1 TIME: | 15:12:13.326012 (0.722398) |
| 2 LINK: | 00:80:19:42:21:68 -> 00:D0:58:A9:30:52 type=IP |
| 3 IP: | 207.226.3.43 -> 143.231.86.196 hlen=20 TOS=00 dgramlen=372 id=3216 |
| 4 | MF/DF=0/1 frag=0 TTL=255 proto=TCP cksum=8EB4 |
| 5 TCP: | port symplex -> http seq=0914855425 ack=1136120663 |
| 6 | hlen=20 (data=332) UAPRSF=011000 wnd=17520 cksum=7838 urg=0 |
| 7 DATA: | GET /canady/p74.jpg HTTP/1.0. |
| 8 | Referer: http://www.house.gov/canady/. |
| 9 | Connection: Keep-Alive. |
| 10 | User-Agent: Mozilla/4.72 (Macintosh; U; PPC). |
| 11 | Pragma: no-cache. |
| 12 | Host: www.house.gov. |
| 13 | Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, |
| 14 | image/png. |
| 15 | Accept-Encoding: gzip. |
| 16 | Accept-Language: en. |
| 17 | Accept-Charset: iso-8859-1,*,utf-8. |
| 18 | . |
5The tools used in the packet collection are freeware tools available for UNIX operating systems. The packet sniffing was done by tcpdump written by Van Jacobson, Craig Leres and Steven McCanne of the Lawrence Berkeley National Laboratory. The formatting of the packets into text was done by tcpshow written by Mike Ryan.
| 1 TIME: | 15:02:27.439225 (0.111930) |
| 2 LINK: | 00:80:19:42:21:68 -> 00:D0:58:A9:30:52 type=IP |
| 3 IP: | 207.226.3.43 -> 208.158.245.141 hlen=20 TOS=00 dgramlen=695 id=6638 |
| 4 | MF/DF=0/1 frag=0 TTL=255 proto=TCP cksum=79CE |
| 5 TCP: | port 1559 -> http seq=3306680833 ack=0184661700 |
| 6 | hlen=20 (data=655) UAPRSF=011000 wnd=17520 cksum=C1DE urg=0 |
| 7 DATA: | GET /booksearch/results.asp?WRD=prostate+cancer&userid=4MOT3 |
| 8 | F70ED HTTP/1.0. |
| 9 | Referer: http://www.bn.com/. |
| 10 | Connection: Keep-Alive. |
| 11 | User-Agent: Mozilla/4.72 (Macintosh; U; PPC). |
| 12 | Host: shop.barnesandnoble.com. |
| 13 | Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, |
| 14 | image/png, */*. |
| 15 | Accept-Encoding: gzip. |
| 16 | Accept-Language: en. |
| 17 | Accept-Charset: iso-8859-1,*,utf-8. |
| 18 | Cookie: SITESERVER=ID=3b671bc4c04048950bc8a20a61c31d96; brow |
| 19 | serid=BITS=0&OS=4&VERSION=4%2E72&AOLVER=0&BROWSER=1; Shopper |
| 20 | Manager%2FBNShop=SHOPPERMANAGER%2FBNSHOP=2D9DNPCEB6S92MJ1001 |
| 21 | PQUW93SAR9582; userid=2NW5T2ANM7; SalesURL=Rwww%2Ebn%2Ecom%2 |
| 22 | F; ASPSESSIONIDQGQGQQCD=NACHKFKCMBPBEANEEODHLDAI. |
| . |
6The tools used in the packet collection are freeware tools available for UNIX operating systems. The packet sniffing was done by tcpdump written by Van Jacobson, Craig Leres and Steven McCanne of the Lawrence Berkeley National Laboratory. The formatting of the packets into text was done by tcpshow written by Mike Ryan.