Root-me

IP - Time To Live

Packet Capture Analysis

We got to find the TTL used to reach the targeted host in this ICMP exchange.

We’ll do it with wireshark . Once we open the pcap, we can see the TTL field on the bottom. The first ICMP packets don’t make it to the destination. There’s a request but no reply.

At the end of the file we can see that we’re getting some replies. If we look at the request we can see the TTL=13

Wireshark ICMP