12 Packets captured

113 Packets received by filter

0 Packets dropped by kernel

3. Определите количество пакетов прошедших через внутреннюю сеть, через сеть с адресом 192.168.0.0/24.

C:\Documents and Settings\Admin>windump host 10.12.1.17 or port 80

windump: listening on \Device\NPF_{6CCB7761-9BD0-4605-B5A9-B37360767BF1}

08:07:08.204227 IP computer-fbe5bf.spu58.ru.1047 > 74.125.232.56.80: S 353884508

3:3538845083(0) win 65535 <mss 1460,nop,nop,sackOK>

08:07:08.207358 IP 74.125.232.56.80 > computer-fbe5bf.spu58.ru.1047: S 195048512

1:1950485121(0) ack 3538845084 win 8192 <mss 1460,nop,nop,sackOK>

08:07:08.207401 IP computer-fbe5bf.spu58.ru.1047 > 74.125.232.56.80: . ack 1 win 65535

08:07:08.207644 IP computer-fbe5bf.spu58.ru.1047 > 74.125.232.56.80: P 1:446(445) ack 1 win 65535

08:07:08.291968 IP computer-fbe5bf.spu58.ru.1047 > 74.125.232.56.80: . ack 2921win 65535

08:07:08.296652 IP 74.125.232.56.80 > computer-fbe5bf.spu58.ru.1047: . 2921:4381(1460) ack 446 win 64240

08:07:32.553162 IP 229-02.51359 > 239.255.255.250.1900: UDP, length 97

08:07:33.308105 IP 229-02.137 > 10.12.255.255.137: UDP, length 50

08:07:33.889334 arp who-has computer-fbe5bf.spu58.ru (00:03:ff:67:c8:37 (oui Unknown)) tell 229-02

08:07:33.889355 arp reply computer-fbe5bf.spu58.ru is-at 00:03:ff:67:c8:37 (ouiUnknown)

08:07:34.054159 IP 229-02.137 > 10.12.255.255.137: UDP, length 50

08:07:34.818720 IP 229-02.138 > 10.12.255.255.138: UDP, length 174

08:07:34.818747 IP 229-02.137 > 10.12.255.255.137: UDP, length 50

08:07:34.821047 arp who-has KOMP tell 229-02

08:07:35.558981 IP 229-02.51359 > 239.255.255.250.1900: UDP, length 97

08:07:37.076201 arp who-has AURUM tell 229-02

08:08:08.993910 IP computer-fbe5bf.spu58.ru.1049 > 173.194.35.216.80: R 494:494(0) ack 201 win 0

08:08:58.533471 arp who-has 229-02 tell CUPRUM

08:08:58.533821 arp who-has CUPRUM tell 229-02

321 packets captured

686 packets received by filter

0 packets dropped by kernel

4. Отследите прохождение трафика, касающегося определенного порта 80, 135, 445, 2869,49158, 49157

Ыфватдтаыв C:\Documents and Settings\Admin>windump port 80

windump: listening on \Device\NPF_{6CCB7761-9BD0-4605-B5A9-B37360767BF1}

08:52:19.670154 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: S 2636329003:2636329003(0) win 65535 <mss 1460,nop,nop,sackOK>

08:52:19.672371 IP 64.209.77.17.80 > computer-fbe5bf.spu58.ru.1165: S 507248442:507248442(0) ack 2636329004 win 8192 <mss 1460,nop,nop,sackOK>

08:52:19.672410 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: . ack 1 win 65535

08:52:19.672617 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: P 1:174(173) ack 1 win 65535

08:52:19.775159 IP 64.209.77.17.80 > computer-fbe5bf.spu58.ru.1165: P 1:349(348) ack 174 win 64240

08:52:19.821597 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: P 174:344(170) ack 349 win 65187

08:52:19.920228 IP 64.209.77.17.80 > computer-fbe5bf.spu58.ru.1165: P 349:697(348) ack 344 win 64070

08:52:19.922038 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: P 344:513(169) ack 697 win 64839

08:52:20.021798 IP 64.209.77.17.80 > computer-fbe5bf.spu58.ru.1165: . 697:2157(1460) ack 513 win 63901

08:52:20.021836 IP 64.209.77.17.80 > computer-fbe5bf.spu58.ru.1165: . 2157:3617(1460) ack 513 win 63901

08:52:20.375788 IP computer-fbe5bf.spu58.ru.1165 > 64.209.77.17.80: . ack 8905 win 65187

08:52:22.543479 IP computer-fbe5bf.spu58.ru.1166 > 65.55.27.220.80: S 64094249:64094249(0) win 65535 <mss 1460,nop,nop,sackOK>

08:52:22.545635 IP 65.55.27.220.80 > computer-fbe5bf.spu58.ru.1166: S 3917192000:3917192000(0) ack 64094250 win 8192 <mss 1460,nop,nop,sackOK>

118 packets captured

461 packets received by filter

0 packets dropped by kernel

D:\>windump port 135

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF

0 packets captured

553 packets received by filter

0 packets dropped by kernel

D:\>windump port 445

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF

0 packets captured

312 packets received by filter

0 packets dropped by kernel

D:\>windump port 2869

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF

0 packets captured

177 packets received by filter

0 packets dropped by kernel

D:\>windump port 49158

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF

0 packets captured

104 packets received by filter

0 packets dropped by kernel

D:\>windump port 49157

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF

0 packets captured

186 packets received by filter

0 packets dropped by kernel

D:\>windump portrange 1-4560

windump: listening on \Device\NPF_{22DF6523-34C7-457C-8A90-162A5E47CF18}

19:34:47.494482 IP 192.168.0.111.137 > 192.168.0.255.137: UDP, length 50

19:34:47.880508 IP home-3dacc3d69f.68 > 255.255.255.255.67: BOOTP/DHCP, Request

from 40:4a:03:b3:54:7d (oui Unknown), length 300

19:34:48.244576 IP 192.168.0.111.137 > 192.168.0.255.137: UDP, length 50

19:34:48.246541 IP home-3dacc3d69f.68 > 255.255.255.255.67: BOOTP/DHCP, Request

from 00:19:cb:74:9e:61 (oui Unknown), length 548

19:34:48.470248 IP 169.254.82.180.138 > 169.254.255.255.138: UDP, length 174

19:34:48.470269 IP 169.254.82.180.137 > 169.254.255.255.137: UDP, length 50

19:34:48.624955 IP6 FE80::E1D8:CB0F:375D:B70E.546 > FF02::1:2.547: dhcp6 solicit

19:34:48.914727 IP6 FE80::5510:431B:E220:D7E5.546 > FF02::1:2.547: dhcp6 solicit

19:34:49.220227 IP 169.254.82.180.137 > 169.254.255.255.137: UDP, length 50

19:34:49.361915 IP 169.254.14.73.137 > 169.254.255.255.137: UDP, length 50

19:34:49.970281 IP 169.254.82.180.137 > 169.254.255.255.137: UDP, length 50

19:34:49.971114 IP home-3dacc3d69f.68 > 255.255.255.255.67: BOOTP/DHCP, Request

from 00:24:21:24:e5:0d (oui Unknown), length 300

19:34:49.973206 IP home-3dacc3d69f.68 > 255.255.255.255.67: BOOTP/DHCP, Request