Thread: problems with wifi access point
View Single Post
  #37   (View Single Post)  
Old 2nd January 2010
mayuka mayuka is offline
Fdisk Soldier
  
Join Date: Dec 2009
Posts: 64
Default
Argh.. My Apple notebook won't connect over wifi at the moment. Don't know why. So I did this from the (un-jailbreaked) iphone. Instead of dig/nslookup/host id did just browse www.google.com. There is lots of traffic being ganerated. I decided to just post the traffic on my wifi adapter. I hope you can make head or tails out of it. I can post the traffic on my external interface afterwards.

PS: I blacked out the mac addresses. xx:xx is the iphone. yy:yy is the wifi adapter. Happy digging.

Code:
13:16:38.708899 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.99 tell 0.0.0.0
13:16:39.109161 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.99 tell 0.0.0.0
13:16:39.518627 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.99 tell 0.0.0.0
13:16:39.918340 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.99 tell 192.168.2.99
13:16:40.319119 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.99 tell 192.168.2.99
13:16:40.322738 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.254 tell 192.168.2.99
13:16:40.322764 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0806 42: arp reply 192.168.2.254 is-at yy:yy:yy:yy:yy:yy
13:16:40.478697 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 169.254.255.255 tell 192.168.2.99
13:16:40.612418 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:02 0800 46: 192.168.2.99 > 224.0.0.2: igmp leave 224.0.0.251 [ttl 1]
13:16:40.614319 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 46: 192.168.2.99 > 224.0.0.251: igmp nreport 224.0.0.251 [ttl 1]
13:16:40.861484 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 169.254.255.255 tell 192.168.2.99
13:16:40.907594 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 192.168.2.254 tell 192.168.2.99
13:16:40.907619 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0806 42: arp reply 192.168.2.254 is-at yy:yy:yy:yy:yy:yy
13:16:40.908888 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 113: 192.168.2.99.5353 > 224.0.0.251.5353: 0 [1n] [1au] ANY (Cache flush)? touchPod.local. (71)
13:16:40.911770 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 91: 192.168.2.99.57739 > 83.169.185.161.53: 59379+ A? safebrowsing.clients.google.com. (49)
13:16:40.919842 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 211: 83.169.185.161.53 > 192.168.2.99.57739: 59379 7/0/0 CNAME clients.l.google.com.,[|domain]
13:16:41.157010 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 113: 192.168.2.99.5353 > 224.0.0.251.5353: 0 [1n] [1au] ANY? touchPod.local. (71)
13:16:41.261481 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 169.254.255.255 tell 192.168.2.99
13:16:41.406013 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 113: 192.168.2.99.5353 > 224.0.0.251.5353: 0 [1n] [1au] ANY? touchPod.local. (71)
13:16:41.655503 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 123: 192.168.2.99.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 (Cache flush) A 192.168.2.99, (81)
13:16:41.661492 xx:xx:xx:xx:xx:xx ff:ff:ff:ff:ff:ff 0806 42: arp who-has 169.254.255.255 tell 192.168.2.99
13:16:42.652756 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 123: 192.168.2.99.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 (Cache flush) A 192.168.2.99, (81)
13:16:44.667696 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 123: 192.168.2.99.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 (Cache flush) A 192.168.2.99, (81)
13:16:44.667828 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 44: 192.168.2.99.5353 > 192.168.2.254.5351:[|domain]
13:16:44.667962 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:44.668086 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 170: 192.168.2.99.61471 > 192.168.2.254.1900: udp 128
13:16:44.668155 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:44.672915 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 170: 192.168.2.99.61471 > 239.255.255.250.1900: udp 128
13:16:44.673060 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 54: 192.168.2.99.5353 > 192.168.2.254.5351: 1 [5353a] [5353q] [7200au][|domain]
13:16:44.673118 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:44.673313 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 171: 192.168.2.99.61471 > 192.168.2.254.1900: udp 129
13:16:44.673359 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:44.676879 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 171: 192.168.2.99.61471 > 239.255.255.250.1900: udp 129
13:16:45.178569 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 44: 192.168.2.99.5353 > 192.168.2.254.5351:[|domain]
13:16:45.178652 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:45.178793 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 170: 192.168.2.99.61471 > 192.168.2.254.1900: udp 128
13:16:45.178841 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:45.181832 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 170: 192.168.2.99.61471 > 239.255.255.250.1900: udp 128
13:16:45.182027 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 54: 192.168.2.99.5353 > 192.168.2.254.5351: 1 [5353a] [5353q] [7200au][|domain]
13:16:45.182074 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:45.184278 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 171: 192.168.2.99.61471 > 192.168.2.254.1900: udp 129
13:16:45.184321 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:45.184529 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 171: 192.168.2.99.61471 > 239.255.255.250.1900: udp 129
13:16:46.160606 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 44: 192.168.2.99.5353 > 192.168.2.254.5351:[|domain]
13:16:46.160689 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:46.162567 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 170: 192.168.2.99.61471 > 192.168.2.254.1900: udp 128
13:16:46.162613 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:46.162819 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 170: 192.168.2.99.61471 > 239.255.255.250.1900: udp 128
13:16:46.164308 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 54: 192.168.2.99.5353 > 192.168.2.254.5351: 1 [5353a] [5353q] [7200au][|domain]
13:16:46.164352 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:46.166563 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 171: 192.168.2.99.61471 > 192.168.2.254.1900: udp 129
13:16:46.166616 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:46.166811 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 171: 192.168.2.99.61471 > 239.255.255.250.1900: udp 129
13:16:48.156084 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 44: 192.168.2.99.5353 > 192.168.2.254.5351:[|domain]
13:16:48.156165 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:48.158050 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 170: 192.168.2.99.61471 > 192.168.2.254.1900: udp 128
13:16:48.158097 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:48.158302 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 170: 192.168.2.99.61471 > 239.255.255.250.1900: udp 128
13:16:48.159790 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 54: 192.168.2.99.5353 > 192.168.2.254.5351: 1 [5353a] [5353q] [7200au][|domain]
13:16:48.159834 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 5351 unreachable
13:16:48.163536 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 171: 192.168.2.99.61471 > 192.168.2.254.1900: udp 129
13:16:48.163578 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: 192.168.2.254 udp port 1900 unreachable
13:16:48.163786 xx:xx:xx:xx:xx:xx 01:00:5e:7f:ff:fa 0800 171: 192.168.2.99.61471 > 239.255.255.250.1900: udp 129
13:16:48.165536 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 74: 192.168.2.99.5353 > 83.169.185.161.53: 64815+ TXT? push.apple.com. (32)
13:16:48.174312 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 95: 83.169.185.161.53 > 192.168.2.99.5353: 64815 1/0/0 TXT "count=50[|domain]
13:16:48.290001 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 84: 192.168.2.99.64639 > 83.169.185.161.53: 17435+ A? 1-courier.push.apple.com. (42)
13:16:48.305294 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 261: 83.169.185.161.53 > 192.168.2.99.64639: 17435 9/0/0 CNAME[|domain]
13:16:48.315909 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50105 > 17.149.36.234.5223: S 2685137392:2685137392(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427309 0,sackOK,eol> (DF)
13:16:48.316064 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.234 unreachable
13:16:48.652419 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 123: 192.168.2.99.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 (Cache flush) A 192.168.2.99, (81)
13:16:49.265556 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50105 > 17.149.36.234.5223: S 2685137392:2685137392(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427318 0,sackOK,eol> (DF)
13:16:49.265746 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.234 unreachable
13:16:50.248822 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50105 > 17.149.36.234.5223: S 2685137392:2685137392(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427328 0,sackOK,eol> (DF)
13:16:50.248964 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.234 unreachable
13:16:50.348879 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 46: 192.168.2.99 > 224.0.0.251: igmp nreport 224.0.0.251 [ttl 1]
13:16:51.247583 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50105 > 17.149.36.234.5223: S 2685137392:2685137392(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427338 0,sackOK,eol> (DF)
13:16:51.247784 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.234 unreachable
13:16:52.246554 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50105 > 17.149.36.234.5223: S 2685137392:2685137392(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427348 0,sackOK,eol> (DF)
13:16:52.246710 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.234 unreachable
13:16:52.260238 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50106 > 17.149.36.166.5223: S 4187036928:4187036928(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427349 0,sackOK,eol> (DF)
13:16:52.260357 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.166 unreachable
13:16:53.250026 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50106 > 17.149.36.166.5223: S 4187036928:4187036928(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427358 0,sackOK,eol> (DF)
13:16:53.250170 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.166 unreachable
13:16:54.244044 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50106 > 17.149.36.166.5223: S 4187036928:4187036928(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427368 0,sackOK,eol> (DF)
13:16:54.244241 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.166 unreachable
13:16:55.242770 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50106 > 17.149.36.166.5223: S 4187036928:4187036928(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427378 0,sackOK,eol> (DF)
13:16:55.242928 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.166 unreachable
13:16:56.241507 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50106 > 17.149.36.166.5223: S 4187036928:4187036928(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427388 0,sackOK,eol> (DF)
13:16:56.241657 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.166 unreachable
13:16:56.247207 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50107 > 17.149.36.123.5223: S 4113026251:4113026251(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427389 0,sackOK,eol> (DF)
13:16:56.247314 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.123 unreachable
13:16:56.621864 xx:xx:xx:xx:xx:xx 01:00:5e:00:00:fb 0800 123: 192.168.2.99.5353 > 224.0.0.251.5353: 0*- [0q] 2/0/0 (Cache flush) A 192.168.2.99, (81)
13:16:57.240238 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50107 > 17.149.36.123.5223: S 4113026251:4113026251(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427398 0,sackOK,eol> (DF)
13:16:57.240389 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.123 unreachable
13:16:58.256679 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50107 > 17.149.36.123.5223: S 4113026251:4113026251(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427408 0,sackOK,eol> (DF)
13:16:58.256835 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.123 unreachable
13:16:58.310568 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 74: 192.168.2.99.62288 > 83.169.185.161.53: 22404+ A? www.google.com. (32)
13:16:58.317885 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 190: 83.169.185.161.53 > 192.168.2.99.62288: 22404 7/0/0 CNAME www.l.google.com., A 209.85.135.105,[|domain]
13:16:58.333744 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50108 > 209.85.135.105.80: S 860115950:860115950(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427409 0,sackOK,eol> (DF)
13:16:58.370211 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 74: 209.85.135.105.80 > 192.168.2.99.50108: S 351720446:351720446(0) ack 860115951 win 5672 <mss 1430,sackOK,timestamp 3521150060 840427409,nop,wscale 6>
13:16:58.373360 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50108 > 209.85.135.105.80: . ack 1 win 32968 <nop,nop,timestamp 840427410 3521150060> (DF)
13:16:58.460935 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 521: 192.168.2.99.50108 > 209.85.135.105.80: P 1:456(455) ack 1 win 32968 <nop,nop,timestamp 840427411 3521150060> (DF)
13:16:58.500672 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 66: 209.85.135.105.80 > 192.168.2.99.50108: . ack 456 win 106 <nop,nop,timestamp 3521150191 840427411>
13:16:58.514816 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 721: 209.85.135.105.80 > 192.168.2.99.50108: P 1:656(655) ack 456 win 106 <nop,nop,timestamp 3521150205 840427411>
13:16:58.522747 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50108 > 209.85.135.105.80: . ack 656 win 32804 <nop,nop,timestamp 840427411 3521150205> (DF)
13:16:58.643240 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 73: 192.168.2.99.54556 > 83.169.185.161.53: 30984+ A? www.google.de. (31)
13:16:58.651020 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 217: 83.169.185.161.53 > 192.168.2.99.54556: 30984 8/0/0 CNAME www.google.com., CNAME[|domain]
13:16:58.665159 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50109 > 209.85.135.105.80: S 2575371328:2575371328(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427413 0,sackOK,eol> (DF)
13:16:58.700923 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 74: 209.85.135.105.80 > 192.168.2.99.50109: S 434548378:434548378(0) ack 2575371329 win 5672 <mss 1430,sackOK,timestamp 4073449169 840427413,nop,wscale 6>
13:16:58.703534 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 1 win 32968 <nop,nop,timestamp 840427413 4073449169> (DF)
13:16:58.706828 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 614: 192.168.2.99.50109 > 209.85.135.105.80: P 1:549(548) ack 1 win 32968 <nop,nop,timestamp 840427413 4073449169> (DF)
13:16:58.743750 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 66: 209.85.135.105.80 > 192.168.2.99.50109: . ack 549 win 106 <nop,nop,timestamp 4073449212 840427413>
13:16:58.868765 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 587: 209.85.135.105.80 > 192.168.2.99.50109: P 1:522(521) ack 549 win 106 <nop,nop,timestamp 4073449337 840427413>
13:16:58.875621 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 522 win 32838 <nop,nop,timestamp 840427415 4073449337> (DF)
13:16:58.954014 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 522:1940(1418) ack 549 win 106 <nop,nop,timestamp 4073449423 840427415>
13:16:58.956218 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 1940:3358(1418) ack 549 win 106 <nop,nop,timestamp 4073449423 840427415>
13:16:58.958187 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1326: 209.85.135.105.80 > 192.168.2.99.50109: P 3358:4618(1260) ack 549 win 106 <nop,nop,timestamp 4073449423 840427415>
13:16:58.960173 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 72: 209.85.135.105.80 > 192.168.2.99.50109: P 4618:4624(6) ack 549 win 106 <nop,nop,timestamp 4073449423 840427415>
13:16:58.960426 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 4624:6042(1418) ack 549 win 106 <nop,nop,timestamp 4073449423 840427415>
13:16:58.991837 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 3358 win 32614 <nop,nop,timestamp 840427416 4073449423> (DF)
13:16:58.993301 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 4618 win 32653 <nop,nop,timestamp 840427416 4073449423> (DF)
13:16:59.007778 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 4624 win 32652 <nop,nop,timestamp 840427416 4073449423> (DF)
13:16:59.035167 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 6042:7460(1418) ack 549 win 106 <nop,nop,timestamp 4073449498 840427416>
13:16:59.035505 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 7460:8878(1418) ack 549 win 106 <nop,nop,timestamp 4073449498 840427416>
13:16:59.035579 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 8878:10296(1418) ack 549 win 106 <nop,nop,timestamp 4073449498 840427416>
13:16:59.044218 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 10296:11714(1418) ack 549 win 106 <nop,nop,timestamp 4073449513 840427416>
13:16:59.049138 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 11714:13132(1418) ack 549 win 106 <nop,nop,timestamp 4073449513 840427416>
13:16:59.056120 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 13132:14550(1418) ack 549 win 106 <nop,nop,timestamp 4073449513 840427416>
13:16:59.062551 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 7460 win 32614 <nop,nop,timestamp 840427417 4073449423> (DF)
13:16:59.062606 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 14550:15968(1418) ack 549 win 106 <nop,nop,timestamp 4073449513 840427416>
13:16:59.103961 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 8878 win 32968 <nop,nop,timestamp 840427417 4073449498> (DF)
13:16:59.104016 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 15968:17386(1418) ack 549 win 106 <nop,nop,timestamp 4073449570 840427417>
13:16:59.104338 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 17386:18804(1418) ack 549 win 106 <nop,nop,timestamp 4073449570 840427417>
13:16:59.105098 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 18804:20222(1418) ack 549 win 106 <nop,nop,timestamp 4073449570 840427417>
13:16:59.126261 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 10296 win 32614 <nop,nop,timestamp 840427417 4073449498> (DF)
13:16:59.148081 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 20222:21640(1418) ack 549 win 106 <nop,nop,timestamp 4073449617 840427417>
13:16:59.149999 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 21640:23058(1418) ack 549 win 106 <nop,nop,timestamp 4073449617 840427417>
13:16:59.151923 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 11714 win 32968 <nop,nop,timestamp 840427417 4073449513> (DF)
13:16:59.187724 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 23058:24476(1418) ack 549 win 106 <nop,nop,timestamp 4073449657 840427417>
13:16:59.189416 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 24476:25894(1418) ack 549 win 106 <nop,nop,timestamp 4073449657 840427417>
13:16:59.191332 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 14550 win 32968 <nop,nop,timestamp 840427417 4073449513> (DF)
13:16:59.191627 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1484: 209.85.135.105.80 > 192.168.2.99.50109: . 25894:27312(1418) ack 549 win 106 <nop,nop,timestamp 4073449657 840427417>
13:16:59.193412 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 1273: 209.85.135.105.80 > 192.168.2.99.50109: P 27312:28519(1207) ack 549 win 106 <nop,nop,timestamp 4073449657 840427417>
13:16:59.204307 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 15968 win 32968 <nop,nop,timestamp 840427417 4073449513> (DF)
13:16:59.217282 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 18804 win 32968 <nop,nop,timestamp 840427418 4073449570> (DF)
13:16:59.241215 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 21640 win 32968 <nop,nop,timestamp 840427418 4073449570> (DF)
13:16:59.241428 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 24476 win 32968 <nop,nop,timestamp 840427418 4073449617> (DF)
13:16:59.241677 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 27312 win 32968 <nop,nop,timestamp 840427418 4073449657> (DF)
13:16:59.241928 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50107 > 17.149.36.123.5223: S 4113026251:4113026251(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427418 0,sackOK,eol> (DF)
13:16:59.242065 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.123 unreachable
13:16:59.242174 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 28519 win 32666 <nop,nop,timestamp 840427419 4073449657> (DF)
13:16:59.538739 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 544: 192.168.2.99.50109 > 209.85.135.105.80: P 549:1027(478) ack 28519 win 32968 <nop,nop,timestamp 840427421 4073449657> (DF)
13:16:59.574916 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 66: 209.85.135.105.80 > 192.168.2.99.50109: . ack 1027 win 123 <nop,nop,timestamp 4073450045 840427421>
13:16:59.826343 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 829: 209.85.135.105.80 > 192.168.2.99.50109: P 28519:29282(763) ack 1027 win 123 <nop,nop,timestamp 4073450294 840427421>
13:16:59.835207 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50109 > 209.85.135.105.80: . ack 29282 win 32777 <nop,nop,timestamp 840427424 4073450294> (DF)
13:17:00.068628 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 75: 192.168.2.99.61688 > 83.169.185.161.53: 16954+ A? www.gstatic.com. (33)
13:17:00.077407 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 199: 83.169.185.161.53 > 192.168.2.99.61688: 16954 7/0/0 CNAME www2.l.google.com., A[|domain]
13:17:00.095551 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50110 > 209.85.135.105.80: S 63261447:63261447(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427427 0,sackOK,eol> (DF)
13:17:00.131293 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 74: 209.85.135.105.80 > 192.168.2.99.50110: S 371668876:371668876(0) ack 63261448 win 5672 <mss 1430,sackOK,timestamp 1904402167 840427427,nop,wscale 6>
13:17:00.133937 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50110 > 209.85.135.105.80: . ack 1 win 32968 <nop,nop,timestamp 840427427 1904402167> (DF)
13:17:00.136947 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 375: 192.168.2.99.50110 > 209.85.135.105.80: P 1:310(309) ack 1 win 32968 <nop,nop,timestamp 840427427 1904402167> (DF)
13:17:00.172885 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 66: 209.85.135.105.80 > 192.168.2.99.50110: . ack 310 win 106 <nop,nop,timestamp 1904402209 840427427>
13:17:00.174370 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 386: 209.85.135.105.80 > 192.168.2.99.50110: P 1:321(320) ack 310 win 106 <nop,nop,timestamp 1904402209 840427427>
13:17:00.174627 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 644: 209.85.135.105.80 > 192.168.2.99.50110: P 321:899(578) ack 310 win 106 <nop,nop,timestamp 1904402209 840427427>
13:17:00.198302 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50110 > 209.85.135.105.80: . ack 321 win 32888 <nop,nop,timestamp 840427428 1904402209> (DF)
13:17:00.198521 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 66: 192.168.2.99.50110 > 209.85.135.105.80: . ack 899 win 32824 <nop,nop,timestamp 840427428 1904402209> (DF)
13:17:00.237691 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50107 > 17.149.36.123.5223: S 4113026251:4113026251(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427428 0,sackOK,eol> (DF)
13:17:00.237854 yy:yy:yy:yy:yy:yy xx:xx:xx:xx:xx:xx 0800 70: 192.168.2.254 > 192.168.2.99: icmp: host 17.149.36.123 unreachable
13:17:00.243405 xx:xx:xx:xx:xx:xx yy:yy:yy:yy:yy:yy 0800 78: 192.168.2.99.50111 > 17.149.36.197.5223: S 2314452776:2314452776(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 840427429 0,sackOK,eol> (DF)
Reply With Quote