<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: CIPE <cipe-l,AT,inka,DOT,de>
Subject: tcpdump - server_eth0 IP 192.168.1.10
From: James Knott <james.knott,AT,rogers,DOT,com>
Date: Thu, 11 Sep 2003 12:36:46 -0400

21:39:30.606685 192.168.1.10.36792 > 192.168.1.40.ssh: P 3015965825:3015965873(48) ack 3015070441 win 8832 <nop,nop,timestamp 26686338 113498689> (DF) [tos 0x10] (ttl 64, id 921, len 100)
21:39:30.607894 192.168.1.40.ssh > 192.168.1.10.36792: P 1:49(48) ack 48 win 8576 <nop,nop,timestamp 113513630 26686338> (DF) [tos 0x10] (ttl 64, id 36175, len 100)
21:39:30.607918 192.168.1.10.36792 > 192.168.1.40.ssh: . [tcp sum ok] ack 49 win 8832 <nop,nop,timestamp 26686338 113513630> (DF) [tos 0x10] (ttl 64, id 922, len 52)
21:39:30.836371 192.168.1.40.ssh > 192.168.1.10.36792: P 49:113(64) ack 48 win 8576 <nop,nop,timestamp 113513653 26686338> (DF) [tos 0x10] (ttl 64, id 36176, len 116)
21:39:30.836409 192.168.1.10.36792 > 192.168.1.40.ssh: . [tcp sum ok] ack 113 win 8832 <nop,nop,timestamp 26686361 113513653> (DF) [tos 0x10] (ttl 64, id 923, len 52)
21:39:35.294760 192.168.1.10.36703 > 192.168.1.40.ssh: P 2767377624:2767377672(48) ack 2757885695 win 8832 <nop,nop,timestamp 26686807 113494389> (DF) [tos 0x10] (ttl 64, id 13022, len 100)
21:39:35.296033 192.168.1.40.ssh > 192.168.1.10.36703: P 1:49(48) ack 48 win 8576 <nop,nop,timestamp 113514099 26686807> (DF) [tos 0x10] (ttl 64, id 35316, len 100)
21:39:35.296056 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 49 win 8832 <nop,nop,timestamp 26686807 113514099> (DF) [tos 0x10] (ttl 64, id 13023, len 52)
21:39:35.315464 192.168.1.40.ssh > 192.168.1.10.36703: P 49:97(48) ack 48 win 8576 <nop,nop,timestamp 113514101 26686807> (DF) [tos 0x10] (ttl 64, id 35317, len 100)
21:39:35.315484 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 97 win 8832 <nop,nop,timestamp 26686809 113514101> (DF) [tos 0x10] (ttl 64, id 13024, len 52)
21:39:35.316134 192.168.1.40.ssh > 192.168.1.10.36703: P 97:145(48) ack 48 win 8576 <nop,nop,timestamp 113514101 26686809> (DF) [tos 0x10] (ttl 64, id 35318, len 100)
21:39:35.316145 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 145 win 8832 <nop,nop,timestamp 26686809 113514101> (DF) [tos 0x10] (ttl 64, id 13025, len 52)
21:39:35.316758 192.168.1.40.ssh > 192.168.1.10.36703: P 145:193(48) ack 48 win 8576 <nop,nop,timestamp 113514101 26686809> (DF) [tos 0x10] (ttl 64, id 35319, len 100)
21:39:35.316768 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 193 win 8832 <nop,nop,timestamp 26686809 113514101> (DF) [tos 0x10] (ttl 64, id 13026, len 52)
21:39:35.320997 192.168.1.40.ssh > 192.168.1.10.36703: P 193:257(64) ack 48 win 8576 <nop,nop,timestamp 113514101 26686809> (DF) [tos 0x10] (ttl 64, id 35320, len 116)
21:39:35.321007 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 257 win 8832 <nop,nop,timestamp 26686810 113514101> (DF) [tos 0x10] (ttl 64, id 13027, len 52)
21:39:35.321805 192.168.1.40.ssh > 192.168.1.10.36703: P 257:321(64) ack 48 win 8576 <nop,nop,timestamp 113514101 26686810> (DF) [tos 0x10] (ttl 64, id 35321, len 116)
21:39:35.321834 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 321 win 8832 <nop,nop,timestamp 26686810 113514101> (DF) [tos 0x10] (ttl 64, id 13028, len 52)
21:39:38.467830 192.168.1.10.36703 > 192.168.1.40.ssh: P 48:96(48) ack 321 win 8832 <nop,nop,timestamp 26687124 113514101> (DF) [tos 0x10] (ttl 64, id 13029, len 100)
21:39:38.469056 192.168.1.40.ssh > 192.168.1.10.36703: P 321:401(80) ack 96 win 8576 <nop,nop,timestamp 113514416 26687124> (DF) [tos 0x10] (ttl 64, id 35322, len 132)
21:39:38.469079 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 401 win 8832 <nop,nop,timestamp 26687124 113514416> (DF) [tos 0x10] (ttl 64, id 13030, len 52)
21:39:38.965355 192.168.1.10.36703 > 192.168.1.40.ssh: P 96:144(48) ack 401 win 8832 <nop,nop,timestamp 26687174 113514416> (DF) [tos 0x10] (ttl 64, id 13031, len 100)
21:39:38.966344 192.168.1.40.ssh > 192.168.1.10.36703: P 401:449(48) ack 144 win 8576 <nop,nop,timestamp 113514466 26687174> (DF) [tos 0x10] (ttl 64, id 35323, len 100)
21:39:38.966367 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 449 win 8832 <nop,nop,timestamp 26687174 113514466> (DF) [tos 0x10] (ttl 64, id 13032, len 52)
21:39:39.143383 192.168.1.10.36703 > 192.168.1.40.ssh: P 144:192(48) ack 449 win 8832 <nop,nop,timestamp 26687192 113514466> (DF) [tos 0x10] (ttl 64, id 13033, len 100)
21:39:39.144320 192.168.1.40.ssh > 192.168.1.10.36703: P 449:497(48) ack 192 win 8576 <nop,nop,timestamp 113514483 26687192> (DF) [tos 0x10] (ttl 64, id 35324, len 100)
21:39:39.144343 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 497 win 8832 <nop,nop,timestamp 26687192 113514483> (DF) [tos 0x10] (ttl 64, id 13034, len 52)
21:39:39.642704 192.168.1.10.36703 > 192.168.1.40.ssh: P 192:240(48) ack 497 win 8832 <nop,nop,timestamp 26687242 113514483> (DF) [tos 0x10] (ttl 64, id 13035, len 100)
21:39:39.643712 192.168.1.40.ssh > 192.168.1.10.36703: P 497:545(48) ack 240 win 8576 <nop,nop,timestamp 113514533 26687242> (DF) [tos 0x10] (ttl 64, id 35325, len 100)
21:39:39.643735 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 545 win 8832 <nop,nop,timestamp 26687242 113514533> (DF) [tos 0x10] (ttl 64, id 13036, len 52)
21:39:39.677582 192.168.1.10.36703 > 192.168.1.40.ssh: P 240:288(48) ack 545 win 8832 <nop,nop,timestamp 26687245 113514533> (DF) [tos 0x10] (ttl 64, id 13037, len 100)
21:39:39.678518 192.168.1.40.ssh > 192.168.1.10.36703: P 545:593(48) ack 288 win 8576 <nop,nop,timestamp 113514537 26687245> (DF) [tos 0x10] (ttl 64, id 35326, len 100)
21:39:39.710028 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 593 win 8832 <nop,nop,timestamp 26687249 113514537> (DF) [tos 0x10] (ttl 64, id 13038, len 52)
21:39:39.714462 192.168.1.10.36703 > 192.168.1.40.ssh: P 288:336(48) ack 593 win 8832 <nop,nop,timestamp 26687249 113514537> (DF) [tos 0x10] (ttl 64, id 13039, len 100)
21:39:39.715395 192.168.1.40.ssh > 192.168.1.10.36703: P 593:641(48) ack 336 win 8576 <nop,nop,timestamp 113514541 26687249> (DF) [tos 0x10] (ttl 64, id 35327, len 100)
21:39:39.715417 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 641 win 8832 <nop,nop,timestamp 26687249 113514541> (DF) [tos 0x10] (ttl 64, id 13040, len 52)
21:39:39.749311 192.168.1.10.36703 > 192.168.1.40.ssh: P 336:384(48) ack 641 win 8832 <nop,nop,timestamp 26687252 113514541> (DF) [tos 0x10] (ttl 64, id 13041, len 100)
21:39:39.750239 192.168.1.40.ssh > 192.168.1.10.36703: P 641:689(48) ack 384 win 8576 <nop,nop,timestamp 113514544 26687252> (DF) [tos 0x10] (ttl 64, id 35328, len 100)
21:39:39.786170 192.168.1.10.36703 > 192.168.1.40.ssh: P 384:432(48) ack 689 win 8832 <nop,nop,timestamp 26687256 113514544> (DF) [tos 0x10] (ttl 64, id 13042, len 100)
21:39:39.787134 192.168.1.40.ssh > 192.168.1.10.36703: P 689:737(48) ack 432 win 8576 <nop,nop,timestamp 113514548 26687256> (DF) [tos 0x10] (ttl 64, id 35329, len 100)
21:39:39.820032 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 737 win 8832 <nop,nop,timestamp 26687260 113514548> (DF) [tos 0x10] (ttl 64, id 13043, len 52)
21:39:39.821184 192.168.1.10.36703 > 192.168.1.40.ssh: P 432:480(48) ack 737 win 8832 <nop,nop,timestamp 26687260 113514548> (DF) [tos 0x10] (ttl 64, id 13044, len 100)
21:39:39.822106 192.168.1.40.ssh > 192.168.1.10.36703: P 737:785(48) ack 480 win 8576 <nop,nop,timestamp 113514551 26687260> (DF) [tos 0x10] (ttl 64, id 35330, len 100)
21:39:39.822153 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 785 win 8832 <nop,nop,timestamp 26687260 113514551> (DF) [tos 0x10] (ttl 64, id 13045, len 52)
21:39:39.857899 192.168.1.10.36703 > 192.168.1.40.ssh: P 480:528(48) ack 785 win 8832 <nop,nop,timestamp 26687263 113514551> (DF) [tos 0x10] (ttl 64, id 13046, len 100)
21:39:39.858841 192.168.1.40.ssh > 192.168.1.10.36703: P 785:833(48) ack 528 win 8576 <nop,nop,timestamp 113514555 26687263> (DF) [tos 0x10] (ttl 64, id 35331, len 100)
21:39:39.890030 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 833 win 8832 <nop,nop,timestamp 26687267 113514555> (DF) [tos 0x10] (ttl 64, id 13047, len 52)
21:39:39.892807 192.168.1.10.36703 > 192.168.1.40.ssh: P 528:576(48) ack 833 win 8832 <nop,nop,timestamp 26687267 113514555> (DF) [tos 0x10] (ttl 64, id 13048, len 100)
21:39:39.893730 192.168.1.40.ssh > 192.168.1.10.36703: P 833:881(48) ack 576 win 8576 <nop,nop,timestamp 113514558 26687267> (DF) [tos 0x10] (ttl 64, id 35332, len 100)
21:39:39.893870 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 881 win 8832 <nop,nop,timestamp 26687267 113514558> (DF) [tos 0x10] (ttl 64, id 13049, len 52)
21:39:39.929633 192.168.1.10.36703 > 192.168.1.40.ssh: P 576:624(48) ack 881 win 8832 <nop,nop,timestamp 26687270 113514558> (DF) [tos 0x10] (ttl 64, id 13050, len 100)
21:39:39.930565 192.168.1.40.ssh > 192.168.1.10.36703: P 881:929(48) ack 624 win 8576 <nop,nop,timestamp 113514562 26687270> (DF) [tos 0x10] (ttl 64, id 35333, len 100)
21:39:39.964510 192.168.1.10.36703 > 192.168.1.40.ssh: P 624:672(48) ack 929 win 8832 <nop,nop,timestamp 26687274 113514562> (DF) [tos 0x10] (ttl 64, id 13051, len 100)
21:39:39.965471 192.168.1.40.ssh > 192.168.1.10.36703: P 929:977(48) ack 672 win 8576 <nop,nop,timestamp 113514566 26687274> (DF) [tos 0x10] (ttl 64, id 35334, len 100)
21:39:40.000030 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 977 win 8832 <nop,nop,timestamp 26687278 113514566> (DF) [tos 0x10] (ttl 64, id 13052, len 52)
21:39:40.001435 192.168.1.10.36703 > 192.168.1.40.ssh: P 672:720(48) ack 977 win 8832 <nop,nop,timestamp 26687278 113514566> (DF) [tos 0x10] (ttl 64, id 13053, len 100)
21:39:40.002361 192.168.1.40.ssh > 192.168.1.10.36703: P 977:1025(48) ack 720 win 8576 <nop,nop,timestamp 113514569 26687278> (DF) [tos 0x10] (ttl 64, id 35335, len 100)
21:39:40.002410 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1025 win 8832 <nop,nop,timestamp 26687278 113514569> (DF) [tos 0x10] (ttl 64, id 13054, len 52)
21:39:40.558267 192.168.1.10.36703 > 192.168.1.40.ssh: P 720:768(48) ack 1025 win 8832 <nop,nop,timestamp 26687333 113514569> (DF) [tos 0x10] (ttl 64, id 13055, len 100)
21:39:40.559364 192.168.1.40.ssh > 192.168.1.10.36703: P 1025:1073(48) ack 768 win 8576 <nop,nop,timestamp 113514625 26687333> (DF) [tos 0x10] (ttl 64, id 35336, len 100)
21:39:40.559387 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1073 win 8832 <nop,nop,timestamp 26687333 113514625> (DF) [tos 0x10] (ttl 64, id 13056, len 52)
21:39:41.276985 192.168.1.10.36703 > 192.168.1.40.ssh: P 768:816(48) ack 1073 win 8832 <nop,nop,timestamp 26687405 113514625> (DF) [tos 0x10] (ttl 64, id 13057, len 100)
21:39:41.278068 192.168.1.40.ssh > 192.168.1.10.36703: P 1073:1121(48) ack 816 win 8576 <nop,nop,timestamp 113514697 26687405> (DF) [tos 0x10] (ttl 64, id 35337, len 100)
21:39:41.278090 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1121 win 8832 <nop,nop,timestamp 26687405 113514697> (DF) [tos 0x10] (ttl 64, id 13058, len 52)
21:39:41.976615 192.168.1.10.36703 > 192.168.1.40.ssh: P 816:864(48) ack 1121 win 8832 <nop,nop,timestamp 26687475 113514697> (DF) [tos 0x10] (ttl 64, id 13059, len 100)
21:39:41.977611 192.168.1.40.ssh > 192.168.1.10.36703: P 1121:1169(48) ack 864 win 8576 <nop,nop,timestamp 113514767 26687475> (DF) [tos 0x10] (ttl 64, id 35338, len 100)
21:39:41.977634 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1169 win 8832 <nop,nop,timestamp 26687475 113514767> (DF) [tos 0x10] (ttl 64, id 13060, len 52)
21:39:46.203346 192.168.1.10.36703 > 192.168.1.40.ssh: P 864:912(48) ack 1169 win 8832 <nop,nop,timestamp 26687898 113514767> (DF) [tos 0x10] (ttl 64, id 13061, len 100)
21:39:46.204436 192.168.1.40.ssh > 192.168.1.10.36703: P 1169:1217(48) ack 912 win 8576 <nop,nop,timestamp 113515189 26687898> (DF) [tos 0x10] (ttl 64, id 35339, len 100)
21:39:46.204459 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1217 win 8832 <nop,nop,timestamp 26687898 113515189> (DF) [tos 0x10] (ttl 64, id 13062, len 52)
21:39:46.266966 192.168.1.40.ssh > 192.168.1.10.36703: P 1217:1281(64) ack 912 win 8576 <nop,nop,timestamp 113515196 26687898> (DF) [tos 0x10] (ttl 64, id 35340, len 116)
21:39:46.266998 192.168.1.10.36703 > 192.168.1.40.ssh: . [tcp sum ok] ack 1281 win 8832 <nop,nop,timestamp 26687904 113515196> (DF) [tos 0x10] (ttl 64, id 13063, len 52)
21:39:51.837935 192.168.1.10.34151 > 192.168.1.40.ssh: P 261372521:261372569(48) ack 276532067 win 8832 <nop,nop,timestamp 26688461 113482443> (DF) [tos 0x10] (ttl 64, id 20969, len 100)
21:39:51.839573 192.168.1.40.ssh > 192.168.1.10.34151: P 1:49(48) ack 48 win 8576 <nop,nop,timestamp 113515753 26688461> (DF) [tos 0x10] (ttl 64, id 30931, len 100)
21:39:51.839596 192.168.1.10.34151 > 192.168.1.40.ssh: . [tcp sum ok] ack 49 win 8832 <nop,nop,timestamp 26688461 113515753> (DF) [tos 0x10] (ttl 64, id 20970, len 52)
21:39:51.876439 192.168.1.40.ssh > 192.168.1.10.34151: P 49:113(64) ack 48 win 8576 <nop,nop,timestamp 113515757 26688461> (DF) [tos 0x10] (ttl 64, id 30932, len 116)
21:39:51.876471 192.168.1.10.34151 > 192.168.1.40.ssh: . [tcp sum ok] ack 113 win 8832 <nop,nop,timestamp 26688465 113515757> (DF) [tos 0x10] (ttl 64, id 20971, len 52)
21:39:59.860109 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70F7 IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=197 (0xc5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


 (DF) (ttl 64, id 0, len 225)
21:40:30.461823 192.168.2.20.32771 > 192.168.1.10.netbios-ns:  [udp sum ok]
>>> NBT UDP PACKET(137): QUERY; REQUEST; UNICAST
TrnID=0x4524
OpCode=0
NmFlags=0x0
Rcode=0
QueryCount=1
AnswerCount=0
AuthorityCount=0
AddressRecCount=0
QuestionRecords:
Name=*               NameType=0x00 (Workstation)
QuestionType=0x21
QuestionClass=0x1

 (DF) (ttl 63, id 0, len 78)
21:40:30.462365 192.168.1.10.netbios-ns > 192.168.2.20.32771:
>>> NBT UDP PACKET(137): QUERY; POSITIVE; RESPONSE; UNICAST
TrnID=0x4524
OpCode=0
NmFlags=0x40
Rcode=0
QueryCount=0
AnswerCount=1
AuthorityCount=0
AddressRecCount=0

ResourceRecords:
Name=*               NameType=0x00 (Workstation)
ResType=0x21
ResClass=0x1
TTL=0 (0x0)
ResourceLength=0
ResourceData=
NumNames=0x0
AdditionalData:
Data: (172 bytes)
[000] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[010] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[020] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[040] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[050] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[060] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[070] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[080] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[090] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
[0A0] 00 00 00 00 00 00 00 00  00 00 00 00              ........ ....

(DF) (ttl 64, id 0, len 257)
21:40:31.032649 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: S [tcp sum ok] 3294850949:3294850949(0) win 5608 <mss 1402,sackOK,timestamp 123568 0,nop,wscale 0> (DF) (ttl 63, id 36149, len 60)
21:40:31.032693 192.168.1.10.netbios-ssn > 192.168.2.20.32775: S [tcp sum ok] 3286453376:3286453376(0) ack 3294850950 win 5792 <mss 1460,sackOK,timestamp 26692381 123568,nop,wscale 0> (DF) (ttl 64, id 0, len 60)
21:40:31.331635 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp sum ok] ack 1 win 5608 <nop,nop,timestamp 123597 26692381> (DF) (ttl 63, id 36150, len 52)
21:40:31.572445 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: P 1:77(76) ack 1 win 5608 <nop,nop,timestamp 123619 26692381>
>>> NBT Packet
NBT Session Request
Flags=0x81000048
Destination=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 63, id 36151, len 128)
21:40:31.572487 192.168.1.10.netbios-ssn > 192.168.2.20.32775: . [tcp sum ok] ack 77 win 5792 <nop,nop,timestamp 26692435 123619> (DF) (ttl 64, id 1978, len 52)
21:40:31.584373 192.168.1.10.netbios-ssn > 192.168.2.20.32775: P [tcp sum ok] 1:5(4) ack 77 win 5792 <nop,nop,timestamp 26692436 123619>
>>> NBT Packet
NBT Session Granted
Flags=0x82000000


(DF) (ttl 64, id 1979, len 56)
21:40:31.901798 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp sum ok] ack 5 win 5608 <nop,nop,timestamp 123653 26692436> (DF) (ttl 63, id 36152, len 52)
21:40:31.992819 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: P 77:245(168) ack 5 win 5608 <nop,nop,timestamp 123653 26692436>
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=164 (0xa4)


SMB PACKET: SMBnegprot (REQUEST)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0 (0x0)
Flags1        =  0x8
Flags2        =  0x1
Tree ID       =  0 (0x0)
Proc ID       =  0 (0x0)
UID           =  0 (0x0)
MID           =  0 (0x0)
Word Count    =  0 (0x0)

(DF) (ttl 63, id 36153, len 220)
21:40:32.016736 192.168.1.10.netbios-ssn > 192.168.2.20.32775: P 5:83(78) ack 245 win 6432 <nop,nop,timestamp 26692479 123653>
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=74 (0x4a)


SMB PACKET: SMBnegprot (REPLY)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0 (0x0)
Flags1        =  0x88
Flags2        =  0x1
Tree ID       =  0 (0x0)
Proc ID       =  0 (0x0)
UID           =  0 (0x0)
MID           =  0 (0x0)
Word Count    =  0 (0x0)

(DF) (ttl 64, id 1980, len 130)
21:40:32.381599 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp sum ok] ack 83 win 5608 <nop,nop,timestamp 123703 26692479> (DF) (ttl 63, id 36154, len 52)
21:41:00.460109 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70F8 IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=197 (0xc5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 225)
21:41:30.460112 192.168.1.10.netbios-dgm > 192.168.2.20.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70F9 IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=213 (0xd5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 241)
21:41:31.063237 192.168.2.20 > 192.168.1.10: icmp: 192.168.2.20 udp port netbios-dgm unreachable [tos 0xc0] (ttl 254, id 55713, len 269)
21:41:35.460023 arp who-has 192.168.1.40 tell 192.168.1.10
21:41:35.460178 arp reply 192.168.1.40 is-at 0:c0:4f:a1:8f:94
21:42:00.460149 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FA IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=197 (0xc5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 225)
21:42:32.047683 192.168.1.10.netbios-ssn > 192.168.2.20.32775: F [tcp sum ok] 83:83(0) ack 245 win 6432 <nop,nop,timestamp 26704482 123703> (DF) (ttl 64, id 1981, len 52)
21:42:32.532121 192.168.2.20.32775 > 192.168.1.10.netbios-ssn: . [tcp sum ok] ack 84 win 5608 <nop,nop,timestamp 135719 26704482> (DF) (ttl 63, id 36155, len 52)
21:42:37.528564 arp who-has 192.168.1.10 tell 192.168.1.40
21:42:37.528589 arp reply 192.168.1.10 is-at 0:5:5d:f6:4:ce
21:43:00.460109 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FB IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=197 (0xc5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 225)
21:43:00.460191 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FC IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=213 (0xd5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 241)
21:43:00.460205 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FD IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=206 (0xce) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 234)
21:44:00.460111 192.168.1.10.netbios-dgm > 192.168.1.255.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FE IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=197 (0xc5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 225)
21:44:30.460112 192.168.1.10.netbios-dgm > 192.168.2.20.netbios-dgm:
>>> NBT UDP PACKET(138) Res=0x110A ID=0x70FF IP=192 (0xc0).168 (0xa8).1 (0x1).10 (0xa) Port=138 (0x8a) Length=213 (0xd5) Res2=0x0
SourceName=LINUX NameType=0x00 (Workstation)
DestName=
WARNING: Short packet. Try increasing the snap length


(DF) (ttl 64, id 0, len 241)
21:44:31.043295 192.168.2.20 > 192.168.1.10: icmp: 192.168.2.20 udp port netbios-dgm unreachable [tos 0xc0] (ttl 254, id 55714, len 269)
21:44:35.460023 arp who-has 192.168.1.40 tell 192.168.1.10
21:44:35.460174 arp reply 192.168.1.40 is-at 0:c0:4f:a1:8f:94



<< | Thread Index | >> ]    [ << | Date Index | >> ]