Question

Question 1

00 00 0c 07 ac 0a 78 2b cb 9d 39 f3 08 00 45 00

00 58 02 88 00 00 80 01 00 00 0a 7b 0a 21 0a 65

f0 0a 03 02 fc fd 00 00 00 00 45 00 00 3c 29 84

00 00 7f 01 03 32 0a 65 f0 0a 0a 7b 0a 21 00 00

54 29 00 01 01 32 61 62 63 64 65 66 67 68 69 6a

6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 61 62 63

64 65 66 67 68 69

1. How do you know this is an ICMP packet?

2. What kind of ICMP packet is it?

Question 2

BINARY DATA:

00000000 00000000 00001100 00000111 10101100 00001010 01111000 00101011

11001011 10011101 00111001 11110011 00001000 00000000 01000101 00000000

00000000 00101000 00000010 10001110 01000000 00000000 10000000 00000110

00000000 00000000 00001010 01111011 00001010 00100001 01101011 00010100

11011001 10101011 00111000 00010111 00000000 01010000 01001100 00100001

00011000 00001001 10011101 01100010 10100011 10001011 01010000 00010000

01000000 10110000 01011001 01110110 00000000 00000000       

1. How do you know this is an IP packet?

2. What is the embedded protocol?

3. What is the size of the embedded protocol payload?

Question 3

78 2b cb 9d 39 f3 00 0f f8 a0 b1 c0 08 00 45 00

00 28 09 7b 40 00 f4 06 70 13 d0 55 28 50 0a 7b

0a 21 00 50 36 bd d0 83 65 86 aa 7b 52 fb 50 29

10 2c 27 d9 00 00

1. Could this be from a sX NMAP scan (FIN, URG, PUSH flags set)?

Explain:   

2. Are any of the reserve flags set?   

Explain:

Answer 1

Answer 1
************

How do you know this is an ICMP packet?
Paste above hex values in the given screenshot website and it will give you an analysis output where you can see all the detail about ICMP packet where there is a signature for ICMP packet from that it identifies the what type of packet it is.

What kind of ICMP packet is it?

this is ping reply packet

Answer 2
***********

Answer 3
*********
00 00 0c 07 ac 0a 78 2b cb 9d 39 f3 08 00 45 00 00 28 02 8e 40 00 80 06 00 00 0a 7b 0a 21 14 d9 ab 38 17 00 50 4c 21 18 09 9d 62 a3 8b 50 10 40 b0 59 76 00 00

above is the converted data from given binary using calculator

How do you know this is an IP packet?
as signature of IP packet is starting from 45 00

What is the embedded protocol?
Transmission Control Protocol

What is the size of the embedded protocol payload?
Total Length: 40

Answer 3
***********

Yes it is from NMAP and flags are set but reserve flags are not set

if you have any doubt then please ask me without any hesitation in the comment section below , if you like my answer then please thumbs up for the answer , before giving thumbs down please discuss the question it may possible that we may understand the question different way and we can edit and change the answers if you argue, thanks :)