Strange logs in Tcpdump

1. Strange logs in Tcpdump

Marcello Rogerio
marcello1234

(uses Suse)

Posted on 28/02/2012 - 09:49h

Good morning, colleagues,

I am getting some very strange logs from an IP in Tcpdump.
Can anyone help me by telling me whether this is normal? I suspect it is using TOR.

They follow below.

09:44:02.525023 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.525351 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.526308 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.537904 IP 10.0.0.163.58925 > 151.66.2.79.18070: Flags [S], seq 2775404838, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
09:44:02.557133 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.557461 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.557859 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.558261 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.558727 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.614394 IP 10.0.0.163.15962 > c-84eee455.310-3-64736c11.cust.bredbandsbolaget.se.26729: UDP, length 106
09:44:02.751340 IP 10.0.0.163.15962 > d148060.adsl.hansenet.de.20645: UDP, length 20
09:44:02.795938 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.796326 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.796734 IP 10.0.0.163.15962 > 95.209.50.189.bredband.tre.se.22279: UDP, length 1438
09:44:02.796748 IP 10.0.0.163.15962 > 124244194161.ctinets.com.49862: UDP, length 30
09:44:02.796856 IP 10.0.0.163.15962 > dhcp-077-250-088-079.chello.nl.46694: UDP, length 30
09:44:02.797098 IP 10.0.0.163.58926 > dhcp-077-250-088-079.chello.nl.46694: Flags [S], seq 3805055450, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
09:44:02.797323 IP 10.0.0.163.15962 > 76-248-30-67.lightspeed.oklyca.sbcglobal.net.38263: UDP, length 30
09:44:02.797450 IP 10.0.0.163.15962 > h229.176.31.71.dynamic.ip.windstream.net.11888: UDP, length 30
09:44:02.797624 IP 10.0.0.163.15962 > badd5f74.virtua.com.br.55747: UDP, length 30
09:44:02.797839 IP 10.0.0.163.58927 > badd5f74.virtua.com.br.55747: Flags [S], seq 2518585177, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
09:44:02.798101 IP 10.0.0.163.58917 > 190.66.115.195.15851: Flags [S], seq 2589554461, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
09:44:02.798344 IP 10.0.0.163.58915 > adsl190-71-89-96.epm.net.co.56822: Flags [S], seq 295530136, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
09:44:02.798495 IP 10.0.0.163.58914 > 190-77-179-144.dyn.dsl.cantv.net.33482: Flags [S], seq 285651494, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
^C09:44:02.817802 IP 10.0.0.163.58888 > 95-42-8-75.btc-net.bg.36154: Flags [S], seq 4061513957, win 8192, options [mss 1460,nop,nop,sackOK], length 0



Thanks in advance for your attention,

Marcello Rogério.



  





