Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Thanks for your help
- I have run tcpdump like this :
- `sudo tcpdump -i any -nn host 192.168.21.6 -vvv -B 4096`
- For informations, i'm connected with OpenVPN.
- The destination machine is : 192.168.10.55
- The source (who start ssh connection) is : 192.168.21.6
- The tcpdump's command output :
- ```
- tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
- 11:24:42.193300 IP (tos 0x0, ttl 127, id 43677, offset 0, flags [DF], proto TCP (6), length 52)
- 192.168.21.6.50739 > 192.168.10.55.22: Flags [S], cksum 0xac7a (correct), seq 3494809899, win 64240, options [mss 1287,nop,wscale 8,nop,nop,sackOK], length 0
- 11:24:42.193463 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193473 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193479 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193484 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193488 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193492 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193497 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193501 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193505 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193511 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:42.193515 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.194973 IP (tos 0x0, ttl 127, id 43678, offset 0, flags [DF], proto TCP (6), length 52)
- 192.168.21.6.50739 > 192.168.10.55.22: Flags [S], cksum 0xac7a (correct), seq 3494809899, win 64240, options [mss 1287,nop,wscale 8,nop,nop,sackOK], length 0
- 11:24:43.211214 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211231 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211238 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211243 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211247 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211251 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211256 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211260 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211266 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211270 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:43.211275 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235211 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235229 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235236 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235241 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235245 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235249 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235254 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235258 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235263 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235268 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:44.235273 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:45.201400 IP (tos 0x0, ttl 127, id 43679, offset 0, flags [DF], proto TCP (6), length 52)
- 192.168.21.6.50739 > 192.168.10.55.22: Flags [S], cksum 0xac7a (correct), seq 3494809899, win 64240, options [mss 1287,nop,wscale 8,nop,nop,sackOK], length 0
- 11:24:49.200361 IP (tos 0x0, ttl 127, id 43680, offset 0, flags [DF], proto TCP (6), length 52)
- 192.168.21.6.50739 > 192.168.10.55.22: Flags [S], cksum 0xac7a (correct), seq 3494809899, win 64240, options [mss 1287,nop,wscale 8,nop,nop,sackOK], length 0
- 11:24:49.200443 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200453 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200459 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200463 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200468 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200472 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200477 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200481 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200486 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200490 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:49.200494 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219219 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219237 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219244 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219248 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219253 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219258 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219262 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219267 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219272 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219276 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:50.219281 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243209 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243227 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243234 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243239 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243243 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243248 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243252 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243256 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243261 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243266 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:51.243270 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201069 IP (tos 0x0, ttl 127, id 43681, offset 0, flags [DF], proto TCP (6), length 52)
- 192.168.21.6.50739 > 192.168.10.55.22: Flags [S], cksum 0xac7a (correct), seq 3494809899, win 64240, options [mss 1287,nop,wscale 8,nop,nop,sackOK], length 0
- 11:24:57.201151 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201160 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201166 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201171 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201175 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201179 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201184 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201188 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201192 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201197 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:57.201202 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219215 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219231 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219237 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219242 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219246 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219250 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219254 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219259 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219263 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219268 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:58.219272 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243208 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243224 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243231 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243235 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243240 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243244 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243249 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243253 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243258 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243262 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- 11:24:59.243266 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.21.6 tell 192.168.10.55, length 28
- ^C
- 104 packets captured
- 104 packets received by filter
- 0 packets dropped by kernel
- ```
Add Comment
Please, Sign In to add comment