[ Thanks to An Anonymous Reader for
this link. ]
“There are a number of reasons to take a closer look at the
contents of the network traffic. The first is that you may simply
be debugging an existing network application or one you are
developing, and want to monitor the traffic going past on your
network. The second reason is to identify traffic on your network
that may be using up bandwidth and resources. For the former, you
probably already know the contents of the protocol, but you may
want to get a more detailed look at the actual data being
transferred, for example, when using web services. For the latter,
identifying the contents of the packets requires some extensive
knowledge of the protocols being used.“With both TCP/IP and UDP/IP communications, the key elements
are the IP addresses used to identify the hosts and the port
number. The port number is used to provide additional communication
channels so that you can support multiple connections between two
hosts. There are some standards in the port definitions. For
example, port 25 is for email (SMTP) traffic, and most websites
operate on port 80 (HTTP). These conventions are used to allow
programs to communicate with each other over a known channel in the
same way as you would choose a phone or fax number.”