[Comm] сетевые пакеты

Ivan Petrov =?iso-8859-1?q?pravo_=CE=C1_hnet=2Eru?=
Пн Июл 28 08:32:01 MSD 2008 

Sergey пишет:
> On Sunday 27 July 2008, Ivan Petrov wrote:
> 
>> Как бы средствами эхотага узнать, кто (с какого IP)тянет через меня 
>> интернет траффик?
> 
> tcpdump, 

Это заработало.
Он мне выдал инфу. Можно ли из неё узнать, с какого IP через меня в 
интернет ходят?

23:05:42.010747 IP 10.168.43.127.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.031249 IP 10.168.41.253.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.071763 IP 10.168.42.13.netbios-dgm > 10.168.47.255.netbios-dgm: 
NBT UDP PACKET(138)
23:05:42.079689 arp who-has host89-251-103-33.hnet.ru (00:15:17:78:81:99 
(oui Unknown)) tell host89-251-103-34.hnet.ru
23:05:42.101860 IP 10.168.40.161.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.101965 IP 10.168.40.161.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.102080 IP 10.168.40.161.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.102561 IP 10.168.42.221.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.102976 IP 10.168.40.161.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.108560 IP 10.168.40.212.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.108945 IP 10.168.40.161.netbios-dgm > 
10.168.47.255.netbios-dgm: NBT UDP PACKET(138)
23:05:42.109233 IP 10.168.40.23.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.118181 IP 10.168.43.14.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.118263 arp who-has 10.168.43.14 tell 10.168.45.43
23:05:42.118276 arp who-has 10.168.43.14 tell 10.168.40.118
23:05:42.118283 arp who-has 10.168.43.14 tell 10.168.41.204
23:05:42.118291 arp who-has 10.168.43.14 tell 10.168.42.84
23:05:42.118296 arp who-has 10.168.43.14 tell 10.168.42.124
23:05:42.118316 arp who-has 10.168.43.14 tell 10.168.42.58
23:05:42.118325 arp who-has 10.168.43.14 tell 10.168.40.233
23:05:42.118330 arp who-has 10.168.43.14 tell 10.168.40.74
23:05:42.118337 arp who-has 10.168.43.14 tell 10.168.40.61
23:05:42.118343 arp who-has 10.168.43.14 tell 10.168.41.140
23:05:42.118349 arp who-has 10.168.43.14 tell 10.168.43.167
23:05:42.118356 arp who-has 10.168.43.14 tell 10.168.40.185
23:05:42.118362 arp who-has 10.168.43.14 tell 10.168.40.220
23:05:42.118369 arp who-has 10.168.43.14 tell 10.168.41.17
23:05:42.118375 arp who-has 10.168.43.14 tell 10.168.40.164
23:05:42.118381 arp who-has 10.168.43.14 tell 10.168.43.47
23:05:42.118387 arp who-has 10.168.43.14 tell 10.168.43.127
23:05:42.118393 arp who-has 10.168.43.14 tell 10.168.40.219
23:05:42.118399 arp who-has 10.168.43.14 tell 10.168.40.189
23:05:42.118406 arp who-has 10.168.43.14 tell 10.168.40.209
23:05:42.118412 arp who-has 10.168.43.14 tell 10.168.40.122
23:05:42.118419 arp who-has 10.168.43.14 tell 10.168.41.151
23:05:42.118425 arp who-has 10.168.43.14 tell 10.168.43.82
23:05:42.118431 arp who-has 10.168.43.14 tell 10.168.43.17
23:05:42.118437 arp who-has 10.168.43.14 tell 10.168.43.2
23:05:42.118458 arp who-has 10.168.43.14 tell 10.168.40.20
23:05:42.118465 arp who-has 10.168.43.14 tell 10.168.41.174
23:05:42.118470 arp who-has 10.168.43.14 tell 10.168.43.48
23:05:42.118475 arp who-has 10.168.43.14 tell 10.168.40.201
23:05:42.118481 arp who-has 10.168.43.14 tell 10.168.41.87
23:05:42.118486 arp who-has 10.168.43.14 tell 10.168.43.173
23:05:42.118493 arp who-has 10.168.43.14 tell 10.168.44.233
23:05:42.118499 arp who-has 10.168.43.14 tell 10.168.41.6
23:05:42.118520 arp who-has 10.168.43.14 tell 10.168.41.27
23:05:42.118606 arp who-has 10.168.43.14 tell 10.168.42.52
23:05:42.118613 arp who-has 10.168.43.14 tell 10.168.41.10
23:05:42.118618 arp who-has 10.168.43.14 tell 10.168.45.16
23:05:42.118625 arp who-has 10.168.43.14 tell 10.168.40.94
23:05:42.118630 arp who-has 10.168.43.14 tell 10.168.41.213
23:05:42.118636 arp who-has 10.168.43.14 tell 10.168.44.42
23:05:42.118643 arp who-has 10.168.43.14 tell 10.168.43.154
23:05:42.118649 arp who-has 10.168.43.14 tell 10.168.42.195
23:05:42.118668 arp who-has 10.168.43.14 tell 10.168.43.51
23:05:42.118674 arp who-has 10.168.43.14 tell 10.168.44.81
23:05:42.118681 arp who-has 10.168.43.14 tell 10.168.41.11
23:05:42.118686 arp who-has 10.168.43.14 tell 10.168.40.141
23:05:42.118708 arp who-has 10.168.43.14 tell 10.168.40.187
23:05:42.118714 arp who-has 10.168.43.14 tell 10.168.40.240
23:05:42.118720 arp who-has 10.168.43.14 tell 10.168.42.115
23:05:42.118725 arp who-has 10.168.43.14 tell 10.168.42.178
23:05:42.118762 arp who-has 10.168.43.14 tell 10.168.42.202
23:05:42.118768 arp who-has 10.168.43.14 tell 10.168.42.211
23:05:42.118774 arp who-has 10.168.43.14 tell 10.168.45.6
23:05:42.118801 arp who-has 10.168.43.14 tell 10.168.42.175
23:05:42.118883 IP 10.168.43.14.netbios-dgm > 10.168.47.255.netbios-dgm: 
NBT UDP PACKET(138)
23:05:42.118890 arp who-has 10.168.43.14 tell 10.168.41.54
23:05:42.118948 arp who-has 10.168.43.14 tell 10.168.44.9
23:05:42.118954 arp who-has 10.168.43.14 tell 10.168.41.136
23:05:42.118959 arp who-has 10.168.43.14 tell 10.168.44.37
23:05:42.119034 arp who-has 10.168.43.14 tell 10.168.44.121
23:05:42.119053 arp who-has 10.168.43.14 tell 10.168.42.198
23:05:42.119091 arp who-has 10.168.43.14 tell 10.168.44.104
23:05:42.119097 arp who-has 10.168.43.14 tell 10.168.43.8
23:05:42.119105 arp who-has 10.168.43.14 tell 10.168.43.251
23:05:42.119111 arp who-has 10.168.43.14 tell 10.168.43.117
23:05:42.119117 arp who-has 10.168.43.14 tell 10.168.43.112
23:05:42.119146 arp who-has 10.168.43.14 tell 10.168.41.48
23:05:42.119235 arp who-has 10.168.43.14 tell 10.168.43.100
23:05:42.119305 arp who-has 10.168.43.14 tell 10.168.43.89
23:05:42.119398 arp who-has 10.168.43.14 tell 10.168.42.133
23:05:42.119462 arp who-has 10.168.43.14 tell 10.168.43.102
23:05:42.119500 arp who-has 10.168.43.14 tell 10.168.40.244
23:05:42.119774 arp who-has 10.168.43.14 tell 10.168.43.189
23:05:42.120481 arp who-has 10.168.43.14 tell 10.168.42.13
23:05:42.121727 arp who-has 10.168.43.14 tell 10.168.41.245
23:05:42.121734 arp who-has 10.168.43.14 tell 10.168.42.24
23:05:42.125025 arp who-has 10.168.43.14 tell 10.168.43.215
23:05:42.125030 arp who-has 10.168.43.14 tell 10.168.42.139
23:05:42.125103 arp who-has 10.168.43.14 tell 10.168.45.17
23:05:42.125144 arp who-has 10.168.43.14 tell 10.168.43.239
23:05:42.125163 arp who-has 10.168.43.14 tell 10.168.43.237
23:05:42.125169 arp who-has 10.168.43.14 tell 10.168.42.140
23:05:42.125191 arp who-has 10.168.43.14 tell 10.168.43.221
23:05:42.125216 arp who-has 10.168.43.14 tell 10.168.42.26
23:05:42.125481 arp who-has 10.168.43.14 tell 10.168.40.60
23:05:42.125504 arp who-has 10.168.43.14 tell 10.168.40.51
23:05:42.125623 arp who-has 10.168.43.14 tell 10.168.40.52
23:05:42.125773 arp who-has 10.168.43.14 tell 10.168.43.218
23:05:42.126952 arp who-has 10.168.43.14 tell 10.168.44.145
23:05:42.127017 arp who-has 10.168.44.145 tell 10.168.41.18
23:05:42.127032 arp who-has 10.168.44.145 tell 10.168.42.193
23:05:42.128284 arp who-has 10.168.43.14 tell 10.168.43.139
23:05:42.134994 arp who-has 10.168.43.14 tell 10.168.41.124
23:05:42.135063 arp who-has 10.168.43.14 tell 10.168.41.129
23:05:42.135241 arp who-has 10.168.43.14 tell 10.168.44.182
23:05:42.161282 IP 58.96.132.171.16473 > 10.168.44.132.58610: P 
1:186(185) ack 295 win 17040
23:05:42.167829 arp who-has 10.168.43.14 tell 10.168.42.247
23:05:42.178980 arp who-has 10.168.40.161 tell 10.168.40.212
23:05:42.200550 arp who-has 10.168.43.14 tell 10.168.43.83
23:05:42.235167 IP 10.168.40.51.netbios-dgm > 10.168.47.255.netbios-dgm: 
NBT UDP PACKET(138)
23:05:42.235192 IP 10.168.40.51.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.238547 IP 192.168.130.116.411 > 10.168.44.132.57616: P 
914:993(79) ack 1 win 64583
23:05:42.262683 arp who-has 10.168.46.193 tell 10.168.42.50
23:05:42.268072 IP 10.168.40.163.netbios-ns > 10.168.47.255.netbios-ns: 
NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
23:05:42.315587 IP 10.168.40.1.domain > 10.168.40.198.52863: 12939 
NXDomain 0/1/0 (114)
23:05:42.316782 IP 10.168.40.198.40176 > 10.168.40.1.domain: 64889+ PTR? 
161.40.168.10.in-addr.arpa. (44)
23:05:42.317035 IP 10.168.40.1.domain > 10.168.40.198.40176: 64889 
ServFail 0/0/0 (44)
23:05:42.319876 IP 10.168.40.198.48448 > 10.168.40.1.domain: 64889+ PTR? 
161.40.168.10.in-addr.arpa. (44)
23:05:42.320121 IP 10.168.40.1.domain > 10.168.40.198.48448: 64889 
ServFail 0/0/0 (44)
23:05:42.320388 IP 10.168.40.198.35324 > 10.168.40.1.domain: 18453+ PTR? 
221.42.168.10.in-addr.arpa. (44)
23:05:42.320627 IP 10.168.40.1.domain > 10.168.40.198.35324: 18453 
ServFail 0/0/0 (44)
23:05:42.320817 IP 10.168.40.198.43770 > 10.168.40.1.domain: 18453+ PTR? 
221.42.168.10.in-addr.arpa. (44)

И.П.

Подробная информация о списке рассылки community