[FUG-BR] Can someone help with tcpdump

Andre Luiz andrebjl at yahoo.com.br
Mon Feb 28 20:32:34 BRT 2005


I have already posted a few messages here about a slowness problem on my external network. Some friends here told me to analyze it with tcpdump, but I don't know how to use it. Searching the net I found a command (tcpdump -ni rl1 | grep "445" > arquivo.log), ran it on my interfaces, including rl1, and the following lines showed up; I don't know how to analyze them. Can someone help me in some way: what is happening, whether I am receiving unwanted packets, viruses, attacks, etc., and how to fix it? Thanks in advance for your attention.
 
20:17:48.864452 85.0.0.2.2970 > 204.9.118.8.2597: . ack 4294965836 win 63064 <nop,nop,sack sack 1 {0:1460} > (DF)
20:17:49.737445 204.9.118.4.2597 > 85.0.0.2.1679: . 10828:12288(1460) ack 1 win 63870 (DF)   
20:17:50.385130 192.168.100.11.3020 > 80.230.70.217.54263: P 433445285:433445327(42) ack 759767944 win 17680 (DF)
20:17:50.844501 19.0.4.2.1287 > 200.221.7.37.80: . ack 4381 win 17520 (DF)
20:17:51.484457 60.0.0.2.1051 > 65.54.211.61.80: R 423528:423528(0) win 0 (DF)
20:17:51.489445 204.9.118.8.2597 > 85.0.0.2.2970: . 20480:21940(1460) ack 1 win 63841 (DF)
20:17:52.444582 204.9.118.4.2597 > 85.0.0.2.1679: . 39500:40960(1460) ack 1 win 63870 (DF)
20:17:52.445576 85.0.0.2.1679 > 204.9.118.4.2597: . ack 40960 win 64240 (DF)
20:17:55.268778 204.9.116.46.2597 > 85.0.0.2.1647: P 143360:144536(1176) ack 1 win 63869 (DF)
20:17:55.269565 85.0.0.2.1647 > 204.9.116.46.2597: . ack 140440 win 63064 <nop,nop,sack sack 1 {143360:144536} > (DF)
20:17:55.275546 85.0.0.2.1647 > 204.9.116.46.2597: . ack 140440 win 63064 <nop,nop,sack sack 1 {141900:144536} > (DF)
20:17:55.281568 85.0.0.2.1647 > 204.9.116.46.2597: . ack 144536 win 64240 (DF)
20:17:55.373829 204.9.116.46.2597 > 85.0.0.2.1647: . 144536:145996(1460) ack 1 win 63869 (DF)
20:17:55.518345 200.216.28.32.4662 > 14.0.0.2.2265: . ack 23491 win 52445 (DF)
20:17:55.743111 62.0.0.2.1183 > 200.181.70.168.80: P 3826:4445(619) ack 8114 win 16953 (DF)
20:17:56.286445 19.0.7.2.1025 > 200.223.16.3.53:  1+ A? www.ad-w-a-r-e.com. (36)
20:17:56.728362 200.181.70.168.80 > 62.0.0.2.1183: . ack 4445 win 65535 (DF)
20:17:56.918381 200.181.70.168.80 > 62.0.0.2.1183: . 8114:9574(1460) ack 4445 win 65535 (DF)
20:17:57.016445 204.9.118.35.2597 > 85.0.0.2.1678: . 131072:132532(1460) ack 1 win 63839 (DF)  
20:17:57.023445 85.0.0.2.1678 > 204.9.118.35.2597: . ack 133992 win 64240 (DF)
20:17:57.836445 38.113.196.34.2597 > 85.0.0.2.1682: P 105604:106496(892) ack 1 win 63838 (DF)
20:17:57.881982 204.9.118.42.2597 > 85.0.0.2.1664: P 143361:144537(1176) ack 0 win 63839 (DF)
20:17:57.882861 85.0.0.2.1664 > 204.9.118.42.2597: . ack 144537 win 63064 (DF)
20:17:57.887843 204.9.118.42.2597 > 85.0.0.2.1664: . 144537:145997(1460) ack 0 win 63839 (DF)
20:17:57.928388 200.181.70.168.80 > 62.0.0.2.1183: P 9574:10399(825) ack 4445 win 65535 (DF)
20:17:57.934034 62.0.0.2.1183 > 200.181.70.168.80: P 4445:5062(617) ack 10399 win 16695 (DF)
20:17:58.794455 204.9.118.35.2597 > 85.0.0.2.1678: . 155648:157108(1460) ack 1 win 63839 (DF)
20:17:58.944513 62.0.0.2.1186 > 200.181.70.168.80: . ack 24820 win 17520 (DF)
20:17:59.445284 85.0.0.2.1612 > 200.216.250.137.27015: udp 34
20:17:59.808445 200.225.86.50.80 > 15.0.6.2.1152: P 27322:28770(1448) ack 4903 win 65535 (DF)
20:18:00.798445 65.54.211.61.80 > 60.0.0.2.1053: . 6789:8249(1460) ack 3454 win 65535 (DF)
20:18:00.855669 85.0.0.2.2445 > 200.223.10.3.80: S 4264377549:4264377549(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
20:18:00.855746 200.223.10.3.80 > 85.0.0.2.2445: S 2268527943:2268527943(0) ack 4264377550 win 65535 <mss 1460> (DF)
20:18:00.856394 85.0.0.2.2445 > 200.223.10.3.80: . ack 1 win 64240 (DF)
20:18:00.979946 85.0.0.2.2446 > 62.90.166.232.80: S 4264445144:4264445144(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
20:18:00.980059 62.90.166.232.80 > 85.0.0.2.2446: S 2327248562:2327248562(0) ack 4264445145 win 65535 <mss 1460> (DF)
20:18:01.490677 85.0.0.2.2445 > 200.223.10.3.80: P 1:438(437) ack 1 win 64240 (DF)
20:18:01.548445 65.54.140.158.80 > 60.0.0.2.1058: S 2897818964:2897818964(0) ack 441791 win 65535 <mss 1460> (DF)
20:18:01.588487 200.223.10.3.80 > 85.0.0.2.2445: . ack 438 win 65535 (DF)
20:18:01.757875 200.223.10.3.80 > 85.0.0.2.2445: P 1:1405(1404) ack 438 win 65535 (DF)
20:18:01.763785 200.223.10.3.80 > 85.0.0.2.2445: P 1405:2773(1368) ack 438 win 65535 (DF)      
20:18:01.764846 85.0.0.2.2445 > 200.223.10.3.80: . ack 2773 win 64240 (DF)
20:18:01.849261 200.223.10.3.80 > 85.0.0.2.2445: P 2773:4141(1368) ack 438 win 65535 (DF)
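An added example, not part of the original post: a small parser for the tcpdump text format shown above, run over six lines copied from that capture, to show which field the `grep "445"` in the posted command actually matched on each line and how many packets really use port 445. The function names are this example's own.

```python
import re
from collections import Counter

# Six lines copied from the capture in the post (old tcpdump text format).
SAMPLE = """\
20:17:48.864452 85.0.0.2.2970 > 204.9.118.8.2597: . ack 4294965836 win 63064 <nop,nop,sack sack 1 {0:1460} > (DF)
20:17:50.385130 192.168.100.11.3020 > 80.230.70.217.54263: P 433445285:433445327(42) ack 759767944 win 17680 (DF)
20:17:55.743111 62.0.0.2.1183 > 200.181.70.168.80: P 3826:4445(619) ack 8114 win 16953 (DF)
20:17:56.286445 19.0.7.2.1025 > 200.223.16.3.53:  1+ A? www.ad-w-a-r-e.com. (36)
20:17:59.445284 85.0.0.2.1612 > 200.216.250.137.27015: udp 34
20:18:00.855669 85.0.0.2.2445 > 200.223.10.3.80: S 4264377549:4264377549(0) win 64240 <mss 1460,nop,nop,sackOK> (DF)
"""

# Layout: time  src-ip.src-port > dst-ip.dst-port: rest-of-line
LINE = re.compile(
    r"(?P<ts>\d\d:\d\d:\d\d\.\d+) "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<rest>.*)"
)

def parse(text):
    """Return one dict per line that matches the layout above."""
    return [m.groupdict() for m in map(LINE.match, text.splitlines()) if m]

def on_port(records, port):
    """Packets whose source or destination port is exactly `port`."""
    return [r for r in records if str(port) in (r["sport"], r["dport"])]

def why_grep_matched(rec, needle="445"):
    """Names of the fields in which the bare substring occurs."""
    fields = {
        "timestamp": rec["ts"],
        "address": rec["src"] + " " + rec["dst"],
        "port digits": rec["sport"] + " " + rec["dport"],
        "seq/ack/length": rec["rest"],
    }
    return [name for name, value in fields.items() if needle in value]

def summary(records):
    """Count, over all records, which field made grep keep the line."""
    return Counter(f for r in records for f in why_grep_matched(r))

if __name__ == "__main__":
    recs = parse(SAMPLE)
    print("lines grep kept:", len(recs))
    print("actually on port 445:", len(on_port(recs, 445)))
    print(dict(summary(recs)))
    # Filtering at capture time avoids this: tcpdump -ni rl1 port 445
```

A text match on "445" keeps any line with those digits in the timestamp, a sequence number or a longer port number; tcpdump's own `port 445` filter expression selects on the port field only.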
