|
To: |
CIPE <cipe-l,AT,inka,DOT,de> |
|
Subject: |
tcpdump - laptop_cipb0 IP 192.168.2.20 |
|
From: |
James Knott <james.knott,AT,rogers,DOT,com> |
|
Date: |
Thu, 11 Sep 2003 12:27:56 -0400 |
21:40:30.015786 192.168.2.20.32771 > 192.168.1.10.netbios-ns: [udp sum ok]
>>> NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
TrnID=0x4524
OpCode=0
NmFlags=0x0
Rcode=0
QueryCount=1
AnswerCount=0
AuthorityCount=0
AddressRecCount=0
QuestionRecords:
Name=* NameType=0x00 (Workstation)
QuestionType=0x21
QuestionClass=0x1
(DF) (ttl 64, id 0, len 78)
21:40:30.430562 192.168.1.10.netbios-ns > 192.168.2.20.32771:
>>> NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
TrnID=0x4524
OpCode=0
NmFlags=0x40
Rcode=0
QueryCount=0
AnswerCount=1
AuthorityCount=0
AddressRecCount=0
ResourceRecords:
Name=* NameType=0x00 (Workstation)
ResType=0x21
ResClass=0x1
TTL=0 (0x0)
ResourceLength=173
ResourceData=
NumNames=0x7
Name=LINUX NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
Name= NameType=0x00 (Workstation) B
AdditionalData:
Data: (46 bytes)
[000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ......
(DF) (ttl 63, id 0, len 257)
21:40:30.608932 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: S [tcp
sum ok] 3294850949:3294850949(0) win 5608 <mss 1402,sackOK,timestamp
123568 0,nop,wscale 0> (DF) (ttl 64, id 36149, len 60)
21:40:30.890168 192.168.1.10.netbios-ssn > 192.168.2.20.32775: S [tcp
sum ok] 3286453376:3286453376(0) ack 3294850950 win 5792 <mss
1460,sackOK,timestamp 26692381 123568,nop,wscale 0> (DF) (ttl 63, id 0,
len 60)
21:40:30.890226 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp
sum ok] ack 1 win 5608 <nop,nop,timestamp 123597 26692381> (DF) (ttl 64,
id 36150, len 52)
21:40:31.110189 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: P
1:77(76) ack 1 win 5608 <nop,nop,timestamp 123619 26692381>
>>> NBT Packet
NBT Session Request
Flags=0x81000048
Destination=LINUX NameType=0x20 (Server)
Source=
WARNING: Short packet. Try increasing the snap length
(DF) (ttl 64, id 36151, len 128)
21:40:31.430227 192.168.1.10.netbios-ssn > 192.168.2.20.32775: . [tcp
sum ok] ack 77 win 5792 <nop,nop,timestamp 26692435 123619> (DF) (ttl
63, id 1978, len 52)
21:40:31.450386 192.168.1.10.netbios-ssn > 192.168.2.20.32775: P [tcp
sum ok] 1:5(4) ack 77 win 5792 <nop,nop,timestamp 26692436 123619>
>>> NBT Packet
NBT Session Granted
Flags=0x82000000
(DF) (ttl 63, id 1979, len 56)
21:40:31.450574 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp
sum ok] ack 5 win 5608 <nop,nop,timestamp 123653 26692436> (DF) (ttl 64,
id 36152, len 52)
21:40:31.451026 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: P
77:245(168) ack 5 win 5608 <nop,nop,timestamp 123653 26692436>
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=164 (0xa4)
SMB PACKET: SMBnegprot (REQUEST)
SMB Command = 0x72
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x8
Flags2 = 0x1
Tree ID = 0 (0x0)
Proc ID = 5709 (0x164d)
UID = 0 (0x0)
MID = 1 (0x1)
Word Count = 0 (0x0)
Dialect=PC N
Dialect=Error! ASCIIZ buffer of type 0 (safety=123)
Dialect=Error! ASCIIZ buffer of type 0 (safety=121)
Dialect=Error! ASCIIZ buffer of type 0 (safety=119)
Dialect=Error! ASCIIZ buffer of type 0 (safety=117)
Dialect=Error! ASCIIZ buffer of type 0 (safety=115)
Dialect=Error! ASCIIZ buffer of type 0 (safety=113)
Dialect=Error! ASCIIZ buffer of type 0 (safety=111)
Dialect=Error! ASCIIZ buffer of type 0 (safety=109)
Dialect=Error! ASCIIZ buffer of type 0 (safety=107)
Dialect=Error! ASCIIZ buffer of type 0 (safety=105)
Dialect=Error! ASCIIZ buffer of type 0 (safety=103)
Dialect=Error! ASCIIZ buffer of type 0 (safety=101)
Dialect=Error! ASCIIZ buffer of type 0 (safety=99)
Dialect=Error! ASCIIZ buffer of type 0 (safety=97)
Dialect=Error! ASCIIZ buffer of type 0 (safety=95)
Dialect=Error! ASCIIZ buffer of type 0 (safety=93)
Dialect=Error! ASCIIZ buffer of type 0 (safety=91)
Dialect=Error! ASCIIZ buffer of type 0 (safety=89)
Dialect=Error! ASCIIZ buffer of type 0 (safety=87)
Dialect=Error! ASCIIZ buffer of type 0 (safety=85)
Dialect=Error! ASCIIZ buffer of type 0 (safety=83)
Dialect=Error! ASCIIZ buffer of type 0 (safety=81)
Dialect=Error! ASCIIZ buffer of type 0 (safety=79)
Dialect=Error! ASCIIZ buffer of type 0 (safety=77)
Dialect=Error! ASCIIZ buffer of type 0 (safety=75)
Dialect=Error! ASCIIZ buffer of type 0 (safety=73)
Dialect=Error! ASCIIZ buffer of type 0 (safety=71)
Dialect=Error! ASCIIZ buffer of type 0 (safety=69)
Dialect=Error! ASCIIZ buffer of type 0 (safety=67)
Dialect=Error! ASCIIZ buffer of type 0 (safety=65)
Dialect=Error! ASCIIZ buffer of type 0 (safety=63)
Dialect=Error! ASCIIZ buffer of type 0 (safety=61)
Dialect=Error! ASCIIZ buffer of type 0 (safety=59)
Dialect=Error! ASCIIZ buffer of type 0 (safety=57)
Dialect=Error! ASCIIZ buffer of type 0 (safety=55)
Dialect=Error! ASCIIZ buffer of type 0 (safety=53)
Dialect=Error! ASCIIZ buffer of type 0 (safety=51)
Dialect=Error! ASCIIZ buffer of type 0 (safety=49)
Dialect=Error! ASCIIZ buffer of type 0 (safety=47)
Dialect=Error! ASCIIZ buffer of type 0 (safety=45)
Dialect=Error! ASCIIZ buffer of type 0 (safety=43)
Dialect=Error! ASCIIZ buffer of type 0 (safety=41)
Dialect=Error! ASCIIZ buffer of type 0 (safety=39)
Dialect=Error! ASCIIZ buffer of type 0 (safety=37)
Dialect=Error! ASCIIZ buffer of type 0 (safety=35)
Dialect=Error! ASCIIZ buffer of type 0 (safety=33)
Dialect=Error! ASCIIZ buffer of type 0 (safety=31)
Dialect=Error! ASCIIZ buffer of type 0 (safety=29)
Dialect=Error! ASCIIZ buffer of type 0 (safety=27)
Dialect=Error! ASCIIZ buffer of type 0 (safety=25)
Dialect=Error! ASCIIZ buffer of type 0 (safety=23)
Dialect=Error! ASCIIZ buffer of type 0 (safety=21)
Dialect=Error! ASCIIZ buffer of type 0 (safety=19)
Dialect=Error! ASCIIZ buffer of type 0 (safety=17)
Dialect=Error! ASCIIZ buffer of type 0 (safety=15)
Dialect=Error! ASCIIZ buffer of type 0 (safety=13)
Dialect=Error! ASCIIZ buffer of type 0 (safety=11)
Dialect=Error! ASCIIZ buffer of type 0 (safety=9)
Dialect=Error! ASCIIZ buffer of type 0 (safety=7)
Dialect=Error! ASCIIZ buffer of type 0 (safety=5)
Dialect=Error! ASCIIZ buffer of type 0 (safety=3)
Dialect=Error! ASCIIZ buffer of type 0 (safety=1)
(DF) (ttl 64, id 36153, len 220)
21:40:31.910160 192.168.1.10.netbios-ssn > 192.168.2.20.32775: P
5:83(78) ack 245 win 6432 <nop,nop,timestamp 26692479 123653>
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=74 (0x4a)
SMB PACKET: SMBnegprot (REPLY)
SMB Command = 0x72
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x88
Flags2 = 0x1
Tree ID = 0 (0x0)
Proc ID = 5709 (0x164d)
UID = 0 (0x0)
MID = 1 (0x1)
Word Count = 17 (0x11)
NT1 Protocol
DialectIndex=6 (0x6)
SecMode=0x1
MaxMux=50 (0x32)
NumVcs=1 (0x1)
MaxBuffer=0 (0x0)
RawSize=0 (0x0)
SessionKey=0x0
Capabilities=0x0
ServerTime=NULL
TimeZone=0 (0x0)
CryptKey=Data: (1 bytes)
[000] 00 .
(DF) (ttl 63, id 1980, len 130)
21:40:31.950034 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp
sum ok] ack 83 win 5608 <nop,nop,timestamp 123703 26692479> (DF) (ttl
64, id 36154, len 52)
21:41:30.530164 192.168.1.10.netbios-dgm > 192.168.2.20.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70F9 IP=192 (0xc0).168 (0xa8).1
(0x1).10 (0xa) Port=138 (0x8a) Length=213 (0xd5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length
(DF) (ttl 63, id 0, len 241)
21:41:30.530216 192.168.2.20 > 192.168.1.10: icmp: 192.168.2.20 udp port
netbios-dgm unreachable [tos 0xc0] (ttl 255, id 55713, len 269)
21:42:32.070193 192.168.1.10.netbios-ssn > 192.168.2.20.32775: F [tcp
sum ok] 83:83(0) ack 245 win 6432 <nop,nop,timestamp 26704482 123703>
(DF) (ttl 63, id 1981, len 52)
21:42:32.110039 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp
sum ok] ack 84 win 5608 <nop,nop,timestamp 135719 26704482> (DF) (ttl
64, id 36155, len 52)