Sniffer Output

Craig N.

Here are a few things I caught using Ethereal, if anyone can tell me what it
means. Everything looks like normal traffic, except from one PC and the
Citrix boxes. I can export the file to text and e-mail it if anyone wants
some more detail, just email me at (e-mail address removed).

This is only half of it, but you get the idea. Out of hundreds of PCs and
about 15 random servers, these are the only ones doing this particular
thing.

Source Destination Info

Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [PSH, ACK] Seq=1 Ack=0 Win=54512 Len=120.
Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [ACK] Seq=1 Ack=0 Win=54512 Len=120
Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [SYN] Seq=0 Ack=0 Win=54512 Len=120 MSS=1460
Colleen-pc.company.int 192.168.102.14 TCP 3479 > 1352 [ACK] Seq=1 Ack=0 Win=64512 Len=0
Colleen-pc.company.int 192.168.102.14 TCP 3479 > 1352 [SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=1460
---------------
Then on Citrix, I have a bunch of these, on all the servers:

Cxp03.company.int 192.168.102.150 TCP 1494 > 1041 [ACK] Seq=0 Ack=0 Win=63412 Len=0
-----------------------------------
Along with a LOT of these:

Cxp03.company.int 192.168.102.150 TCP [TCP Previous segment lost] 1494 > 1041 [PSH, ACK] Seq=121622 Ack=4049 Win=63783 Len=1459

Cxp03.company.int 192.168.102.150 TCP [TCP Previous segment lost] 1494 > 1041 [PSH, ACK] Seq=2045131 Ack=22451 Win=63783 Len=1459
 
Ace Fekay [MVP]

In
Craig N. said:
Here are a few things I caught using Ethereal, if anyone can tell me
what it means. Everything looks like normal traffic, except from one
PC and the Citrix boxes. I can export the file to text and e-mail it
if anyone wants some more detail, just email me at (e-mail address removed).

This is only half of it, but you get the idea. Out of hundreds of
PCs and about 15 random servers, these are the only ones doing this
particular thing.

Source Destination Info

Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [PSH, ACK] Seq=1 Ack=0 Win=54512 Len=120.
Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [ACK] Seq=1 Ack=0 Win=54512 Len=120
Colleen-pc.company.int 192,168.102.6 TCP 3480 > 5321 [SYN] Seq=0 Ack=0 Win=54512 Len=120 MSS=1460
Colleen-pc.company.int 192.168.102.14 TCP 3479 > 1352 [ACK] Seq=1 Ack=0 Win=64512 Len=0
Colleen-pc.company.int 192.168.102.14 TCP 3479 > 1352 [SYN] Seq=0 Ack=0 Win=64512 Len=0 MSS=1460
---------------
Then on Citrix, I have a bunch of these, on all the servers:

Cxp03.company.int 192.168.102.150 TCP 1494 > 1041 [ACK] Seq=0 Ack=0 Win=63412 Len=0
-----------------------------------
Along with a LOT of these:

Cxp03.company.int 192.168.102.150 TCP [TCP Previous segment lost] 1494 > 1041 [PSH, ACK] Seq=121622 Ack=4049 Win=63783 Len=1459

Cxp03.company.int 192.168.102.150 TCP [TCP Previous segment lost] 1494 > 1041 [PSH, ACK] Seq=2045131 Ack=22451 Win=63783 Len=1459

I had a couple questions in your other thread concerning this.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.