wireshark issue

sixto areizaga thenewcq at optimum.net
Tue Feb 14 04:07:27 UTC 2017

I apologize, this is a little wordy; I just tried to answer everything
all at once... I am thinking it's not Wireshark.  Let me know if you find
anything interesting...

IP =

$ whois
inetnum: -
netname:        UNICOM-HE
descr:          China Unicom Heibei Province Network

I concluded Windows because PuTTY is a Windows program.

Nmap scan report for
Host is up (0.36s latency).
Not shown: 993 closed ports

25/tcp   filtered smtp
135/tcp  filtered msrpc
139/tcp  filtered netbios-ssn
445/tcp  filtered microsoft-ds
593/tcp  filtered http-rpc-epmap
4444/tcp filtered krb524                  
6006/tcp open     tcpwrapped

I googled krb524; it was super interesting, check it out.

From Wireshark...

No.  Time       Source       Destination  Protocol  Length  Info
71   41.065180  192.168.#.#               SSHv2     81      Client: Protocol (SSH-2.0-PUTTY)
72   41.088654  192.168.#.#               SSHv2     104     Server: Protocol (SSH-2.0-OpenSSH_7.2

> /var/log/security
> and /var/log/auth.log should be interesting.

show nothing for this IP.
A few days before, there is a different IP; I am looking into that now.

Well, I don't think the vulnerability was in Wireshark...

I think I am having a "pest" problem...
