tcpdump analysis help!
karan Gupta
kgupta at edgefocus.com
Sun Sep 12 12:37:00 PDT 2004
Is 10.0.152.48 effected with a virus?
02:51:50.894049 10.0.152.48.2571 > 10.0.115.155.microsoft-ds: S
1261718342:1261718342(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.895143 10.0.152.48.2572 > 10.7.150.60.microsoft-ds: S
1261751763:1261751763(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.898141 10.0.152.48.2574 > 10.80.161.154.microsoft-ds: S
1261816449:1261816449(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.899493 10.0.152.48.2575 > 10.45.11.191.microsoft-ds: S
1261854044:1261854044(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.900317 10.0.152.48.2578 > 10.0.163.64.microsoft-ds: S
1261888223:1261888223(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.902351 10.0.152.48.2579 > 10.39.162.137.microsoft-ds: S
1261944092:1261944092(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
02:51:50.904626 10.0.152.48.2580 > 10.0.141.110.microsoft-ds: S
1262000760:1262000760(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
Regds
Karan Gupta
More information about the freebsd-isp
mailing list