{"id":26965480,"url":"https://github.com/compcode1/wireshark-ping-analysis","last_synced_at":"2025-10-13T19:16:31.292Z","repository":{"id":285661990,"uuid":"958910868","full_name":"Compcode1/wireshark-ping-analysis","owner":"Compcode1","description":"This project demonstrated how a basic ping test, when combined with Wireshark analysis, reveals rich layers of networking insight.","archived":false,"fork":false,"pushed_at":"2025-04-02T01:04:21.000Z","size":23,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-02T02:21:40.878Z","etag":null,"topics":["icmp-ping","wireshark"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Compcode1.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-02T00:56:48.000Z","updated_at":"2025-04-02T01:04:55.000Z","dependencies_parsed_at":null,"dependency_job_id":"d4d76f9c-ae6d-4eba-8ebb-4c1960c44f7d","html_url":"https://github.com/Compcode1/wireshark-ping-analysis","commit_stats":null,"previous_names":["compcode1/wireshark-ping-analysis"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/Compcode1/wireshark-ping-analysis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Compcode1%2Fwireshark-ping-analysis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Compcode1%2Fwireshark-ping-analysis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/reposi
tories/Compcode1%2Fwireshark-ping-analysis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Compcode1%2Fwireshark-ping-analysis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Compcode1","download_url":"https://codeload.github.com/Compcode1/wireshark-ping-analysis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Compcode1%2Fwireshark-ping-analysis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279016887,"owners_count":26085884,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["icmp-ping","wireshark"],"created_at":"2025-04-03T07:28:54.515Z","updated_at":"2025-10-13T19:16:31.287Z","avatar_url":"https://github.com/Compcode1.png","language":"Jupyter Notebook","readme":"**Key Interpretations:**\n\nEcho Request/Reply Structure:\nICMPv6 packets maintain the same conceptual structure as IPv4 ICMP. A Type 128 is an echo request, and a Type 129 is an echo reply. Sequence numbers and identifiers allow tracking of individual requests and replies.\n\nIPv6 In Use:\nThe ping to www.google.com resolved to an IPv6 address, showing that Google services prioritize IPv6 connectivity. 
This provides an opportunity to explore the differences in how IPv6 routes traffic.\n\nHop Limit Analysis:\nThe outbound Echo Request had a Hop Limit of 128, typical for Windows systems. The reply returned with a Hop Limit of 54, indicating that it traversed approximately 74 network hops on the return path (128 – 54 = 74).\nThis confirms the remote nature of the destination and illustrates how Hop Limits (like IPv4 TTL values) can be used for path tracing, routing diagnostics, and even spoofing detection in cybersecurity.\n\nSecurity Analysis Context:\nRelevance in Cybersecurity Workflows:\nWhile ICMP Echo Requests are simple and often overlooked, analyzing them is a core part of understanding:\n\nBasic network reachability\n\nRouting paths\n\nDetection of misconfigured or spoofed hosts\n\nNetwork mapping in reconnaissance\n\nAnomalies like ICMP floods or scanning activity\n\nHop Limit (TTL) Use in Threat Hunting:\n\nAbnormal or inconsistent hop counts are sometimes used to:\n\nDetect Man-in-the-Middle attacks\n\nUncover IP spoofing\n\nIdentify unauthorized routing changes\n\n**Conclusion:**\n\nThis project demonstrated how a basic ping test, when combined with Wireshark analysis, reveals rich layers of networking insight. By capturing and analyzing just eight packets, we were able to confirm IPv6 communication, verify host identity through MAC and IP data, and evaluate route distance using hop limit values.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcompcode1%2Fwireshark-ping-analysis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcompcode1%2Fwireshark-ping-analysis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcompcode1%2Fwireshark-ping-analysis/lists"}