Score:0

Server

How to identify source, destination ip using STUN and DTLS protocols?

David Roonie

11/11/22, 1:51 PM

Given image i'm not able to identify which is source and destination ip address ( client or server). From STUN protocol 1st packet it's user request so i thought 131.202.240.150 is client ip address. From DTLS 5th packet Client hello i thought 131.202.240.87 is client ip address. Which one is correct and why?

0 + 11

udp

wireshark

packet-capture

packet

Michael Hampton

11/11/22, 2:14 PM

What do you mean by "client" and "server"?

David Roonie

11/11/22, 6:40 PM

client here means the host who is requesting service(my machine ).

Michael Hampton

11/11/22, 6:41 PM

You already know who the server is! So why do you not know who the client is?

David Roonie

11/11/22, 6:44 PM

this is taken from opensource dataset and captured on the computer whoever took this captures. Now i want to know his ip address through dtls, stun protocol. The client and server were both in same network. But i want to know the ip address of computer on which this captures are taken.

Michael Hampton

11/11/22, 6:47 PM

It is not possible to know that by looking at the capture. It may be neither of them. You will have to ask whoever made the capture.

David Roonie

11/11/22, 6:48 PM

Why not. client and server can easily be distinguised if it was Tcp protocol by SYN flag. why can't through dtls, stun both have some features over it.

Michael Hampton

11/11/22, 6:49 PM

You keep asking completely different questions! Please take a moment to think about what it is you actually want to know.

David Roonie

11/11/22, 6:52 PM

no my question remains same to get client and server ip addresses from given capture. client is who requests first something. if the capture was tcp. then syn flag denotes the request sent by client to make a connection. then the source (client) can be easily identified. Similarly i am asking to distinguish client , server based on those dtls, stun protocols. Client can be simply defined as who initiates request. Kindly see the image shared through link

Michael Hampton

11/11/22, 6:56 PM

It is completely obvious from the image which host initiated the DTLS traffic, so I'm not sure why you asked this question at all.

David Roonie

11/12/22, 3:43 AM

from STUN protocol i can see the other host initiated the stun traffic.

Michael Hampton

11/12/22, 10:18 AM

Hmm. You seem to be assuming that this capture is _complete_, and that is not a safe assumption. There may have been traffic that took place prior to starting the capture. And the STUN traffic doesn't matter anyway.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to identify source, destination ip using STUN and DTLS protocols?

TH: จะระบุต้นทาง ip ปลายทางโดยใช้โปรโตคอล STUN และ DTLS ได้อย่างไร

RO: Cum se identifică sursa, destinația ip folosind protocoalele STUN și DTLS?

RU: Как определить IP-адрес источника, получателя с помощью протоколов STUN и DTLS?

VI: Làm cách nào để xác định ip nguồn, đích bằng giao thức STUN và DTLS?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.