[Intrusions] LOGS: GIAC GCIA Version 3.4 Practical Detect Lindsayvan Eden
lola marais
lola_marais at hotmail.com
Wed Jul 14 22:17:39 GMT 2004
hi lindsay,
what can be said about the time, seq numbers and the TTL (use the -vv
option) of these packets?
what do we know about the default source port behavior of hping2?
>tcpdump -ner 2002.6.16 dst port 0
>
>19:11:40.464488 0:3:e3:d9:26:c0 0:0:c:4:b2:33 ip 66: 211.47.255.22.40844 >
>46.5.214.181.0: S 2912955034:2912955034(0) win 5840 <mss
>1460,nop,nop,sackOK,nop,wscale 0> (DF)
>
>19:11:43.444488 0:3:e3:d9:26:c0 0:0:c:4:b2:33 ip 66: 211.47.255.22.40844 >
>46.5.214.181.0: S 2912955034:2912955034(0) win 5840 <mss
>1460,nop,nop,sackOK,nop,wscale 0> (DF)
>
>19:11:49.354488 0:3:e3:d9:26:c0 0:0:c:4:b2:33 ip 66: 211.47.255.22.40844 >
>46.5.214.181.0: S 2912955034:2912955034(0) win 5840 <mss
>1460,nop,nop,sackOK,nop,wscale 0> (DF)
>
>19:12:01.534488 0:3:e3:d9:26:c0 0:0:c:4:b2:33 ip 66: 211.47.255.22.40844 >
>46.5.214.181.0: S 2912955034:2912955034(0) win 5840 <mss
>1460,nop,nop,sackOK,nop,wscale 0> (DF)
>
><truncated>
>
_________________________________________________________________
Add oomph to MSN Search - download MSN Toolbar!
http://toolbar.msn.co.za?DI=1054&XAPID=2083
More information about the Intrusions
mailing list