geohei
Hallo.
I habe hier ein Ethereal log, welches ein hartn
I habe hier ein Ethereal log, welches ein hartn
Hier mal der Anfang und das Ende des Logs. Ist das ein "normaler" passiver FTP Transfer (auf der Server Seite wurde geloggt)?
TIA
Anfang:
No. Time Source Destination Protocol Info
48 10.622098 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [SYN] Seq=2678979707 Ack=0 Win=16960 Len=0
49 10.622580 80.90.34.73 158.64.104.181 TCP 3565 > 51144 [SYN, ACK] Seq=3409623638 Ack=2678979708 Win=65535 Len=0
50 10.800364 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409623639 Win=62500 Len=0
54 11.101619 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
55 11.101886 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
56 11.463424 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409626383 Win=62500 Len=0
57 11.464024 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
58 11.464054 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
59 11.464072 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
60 11.590596 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409627755 Win=62500 Len=0
61 11.591097 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
62 11.591125 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
63 11.735893 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409630499 Win=62500 Len=0
64 11.736556 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
65 11.736591 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
66 11.736611 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
67 11.767065 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409631871 Win=62500 Len=0
68 11.767642 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
69 11.767664 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
70 11.901487 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3409634615 Win=62500 Len=0
71 11.902110 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
Schluss:
4306 203.119035 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4307 203.241028 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4308 203.241376 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4309 203.298643 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4310 203.299106 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4311 203.417860 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4312 203.418171 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 92 bytes
4313 203.474740 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4314 203.541047 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4315 203.612066 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4316 203.669660 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4317 203.732726 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4318 203.803727 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4319 203.921863 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4320 203.980915 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4321 204.097584 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4322 204.106287 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4323 204.170770 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4324 204.287075 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4325 204.295770 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4326 204.362810 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4327 204.478748 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4328 204.599767 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696003 Win=62500 Len=0
4329 204.668595 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4330 204.673664 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4331 204.804840 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4332 204.805538 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1160 bytes
4333 204.805561 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4334 204.805578 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4335 204.805592 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4336 204.862090 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4337 204.979477 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4338 205.039619 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4339 205.093608 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411696215 Win=62486 Len=0
4340 205.151945 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411700119 Win=62500 Len=0
4341 205.211723 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411708351 Win=62500 Len=0
4342 205.330238 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [ACK] Seq=2678979708 Ack=3411708351 Win=62500 Len=0
4347 235.256722 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [FIN, ACK] Seq=2678979708 Ack=3411708351 Win=62500 Len=0
4348 235.257084 80.90.34.73 158.64.104.181 FTP-DATA FTP Data: 1372 bytes
4353 235.387885 158.64.104.181 80.90.34.73 TCP 51144 > 3565 [RST] Seq=2678979709 Ack=3407439919 Win=0 Len=0