backdoor@kearney:~$ tcpdump port 22 -vv
tcpdump: eth0: You don't have permission to capture on that device
(socket: Operation not permitted)
backdoor@kearney:~$ sudo tcpdump port 22 -vv
sudo: unable to resolve host kearney
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
### now, from a remote host, run 'telnet 10.7.10.61 22'
21:25:33.803669 IP (tos 0x10, ttl 64, id 33882, offset 0, flags [DF], proto TCP (6), length 60)
10.7.2.103.60426 > 10.7.10.61.ssh: Flags [S], cksum 0xd47f (correct), seq 3713616989, win 29200, options [mss 1460,sackOK,TS val 48220167 ecr 0,nop,wscale 7], length 0
21:25:33.803754 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.7.10.61.ssh > 10.7.2.103.60426: Flags [S.], cksum 0x2894 (correct), seq 3644613057, ack 3713616990, win 28960, options [mss 1460,sackOK,TS val 1339832 ecr 48220167,nop,wscale 7], length 0
21:25:33.804087 IP (tos 0x10, ttl 64, id 33883, offset 0, flags [DF], proto TCP (6), length 52)
10.7.2.103.60426 > 10.7.10.61.ssh: Flags [.], cksum 0xc79b (correct), seq 1, ack 1, win 229, options [nop,nop,TS val 48220167 ecr 1339832], length 0
21:25:33.804121 IP (tos 0x10, ttl 64, id 55224, offset 0, flags [DF], proto TCP (6), length 40)
10.7.10.61.ssh > 10.7.2.103.60426: Flags [R], cksum 0x680f (correct), seq 3644613058, win 0, length 0