Re: iptables and remote desktop

Bobby Gontarski Gontarski at seznam.cz
Tue Apr 5 12:53:10 CEST 2005


> tcpdump is your friend :-)
So here is the output from tcpdump; unfortunately I don't understand it very well :( Can you read anything from it?

13:16:54.937538 192.168.2.1.ssh > mojedomena.cz.2722: P 3189524738:3189524806(68) ack 332291589 win 24820 (DF) [tos 0x10] 
13:16:54.980969 192.168.2.1.1043 > 192.168.2.254.domain:  46076+[|domain] (DF)
13:16:54.983405 mojedomena.cz.2722 > 192.168.2.1.ssh: P 1:53(52) ack 68 win 63756 (DF)
13:16:55.019311 192.168.2.1.ssh > mojedomena.cz.2722: . ack 53 win 24820 (DF) [tos 0x10] 
13:16:55.032605 192.168.2.254.domain > 192.168.2.1.1043:  46076[|domain] (DF)
13:16:55.034247 192.168.2.1.1043 > 192.168.2.254.domain:  46077+[|domain] (DF)
13:16:55.093947 192.168.2.254.domain > 192.168.2.1.1043:  46077 NXDomain[|domain] (DF)
13:16:55.095941 192.168.2.1.1043 > 192.168.2.254.domain:  46078+[|domain] (DF)
13:16:55.138857 192.168.2.254.domain > 192.168.2.1.1043:  46078 NXDomain[|domain] (DF)
13:17:08.817889 mojedomena.cz.4404 > 192.168.2.1.3389: S 2617076196:2617076196(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:11.797266 mojedomena.cz.4404 > 192.168.2.1.3389: S 2617076196:2617076196(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:11.866240 192.168.2.254.router > 192.168.2.255.router:  RIPv2-resp [items 2]: {0.0.0.0}(2)[|rip] [ttl 1]
13:17:18.503247 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:21.427417 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:27.448519 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:30.346579 mojedomena.cz > 192.168.2.1: icmp: echo request
13:17:30.347180 192.168.2.1 > mojedomena.cz: icmp: echo reply
13:17:31.348553 mojedomena.cz > 192.168.2.1: icmp: echo request
13:17:31.348853 192.168.2.1 > mojedomena.cz: icmp: echo reply
13:17:32.349093 mojedomena.cz > 192.168.2.1: icmp: echo request
13:17:32.349326 192.168.2.1 > mojedomena.cz: icmp: echo reply
13:17:35.339234 arp who-has 192.168.2.254 tell 192.168.2.1
13:17:35.339721 arp reply 192.168.2.254 is-at 0:a0:c5:c1:7:f9
13:17:41.870068 192.168.2.254.router > 192.168.2.255.router:  RIPv2-resp [items 2]: {0.0.0.0}(2)[|rip] [ttl 1]
13:17:45.061417 mojedomena.cz.2722 > 192.168.2.1.ssh: P 53:105(52) ack 68 win 63756 (DF)
13:17:45.061701 192.168.2.1.ssh > mojedomena.cz.2722: . ack 105 win 24820 (DF) [tos 0x10] 
13:17:45.063123 192.168.2.1.ssh > mojedomena.cz.2722: P 68:120(52) ack 105 win 24820 (DF) [tos 0x10] 
13:17:45.799301 192.168.2.1.ssh > mojedomena.cz.2722: P 68:120(52) ack 105 win 24820 (DF) [tos 0x10] 
13:17:45.849676 mojedomena.cz.2722 > 192.168.2.1.ssh: P 105:157(52) ack 120 win 63704 (DF)
13:17:45.866396 mojedomena.cz.2722 > 192.168.2.1.ssh: . ack 120 win 63704 (DF)
13:17:45.889280 192.168.2.1.ssh > mojedomena.cz.2722: . ack 157 win 24820 (DF) [tos 0x10]  
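
One way to read a capture like this mechanically, as an added example that is not part of the original post: the Python below parses the old tcpdump text format and lists TCP flows where bare SYNs were sent but no packet was ever seen in the reverse direction. The function name `unanswered_syns` and the regular expression are assumptions of this example; the sample lines are a subset of the capture above.

```python
import re
from collections import defaultdict

# Subset of the capture posted above (old tcpdump text format).
CAPTURE = """\
13:16:54.983405 mojedomena.cz.2722 > 192.168.2.1.ssh: P 1:53(52) ack 68 win 63756 (DF)
13:16:55.019311 192.168.2.1.ssh > mojedomena.cz.2722: . ack 53 win 24820 (DF) [tos 0x10]
13:17:08.817889 mojedomena.cz.4404 > 192.168.2.1.3389: S 2617076196:2617076196(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:11.797266 mojedomena.cz.4404 > 192.168.2.1.3389: S 2617076196:2617076196(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:18.503247 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:21.427417 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:27.448519 mojedomena.cz.4405 > 192.168.2.1.3389: S 2619532751:2619532751(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
13:17:30.346579 mojedomena.cz > 192.168.2.1: icmp: echo request
13:17:30.347180 192.168.2.1 > mojedomena.cz: icmp: echo reply
"""

# timestamp, src.port, dst.port, TCP flags, rest of the line
TCP_LINE = re.compile(r"^(\S+) (\S+) > (\S+): ([SFPRWE.]+) (.*)$")

def unanswered_syns(text):
    """Return {(src, dst): syn_count} for flows whose SYNs got no reply."""
    syns = defaultdict(int)
    seen = set()                      # every (src, dst) direction observed
    for line in text.splitlines():
        m = TCP_LINE.match(line.strip())
        if not m:                     # DNS, ICMP, ARP and RIP lines are skipped
            continue
        _ts, src, dst, flags, rest = m.groups()
        seen.add((src, dst))
        # A bare SYN has the 'S' flag and no 'ack' field (a SYN-ACK carries one)
        if "S" in flags and not re.search(r"\back \d+", rest):
            syns[(src, dst)] += 1
    return {flow: n for flow, n in syns.items() if (flow[1], flow[0]) not in seen}

if __name__ == "__main__":
    for (src, dst), n in unanswered_syns(CAPTURE).items():
        print(f"{src} -> {dst}: {n} SYN(s), no reply seen")
```

On these lines it reports the two connection attempts to port 3389, while the SSH session and the ICMP echo to the same host are answered.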