Revision history [back]
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while)Statistics -> Conversations
orStatistics -> Endpoints
- the devices are both VMs (00:0c:29)- Right click on Frame #4 (
TELNET
) and selectFollow->TCP Stream
:- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response is coming back as Microsoft Telnet Server (Windows server)
- telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
- The domain name in the DHCP ACK is for a college/university - perhaps where the capture was done.
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while)Statistics -> Conversations
orStatistics -> Endpoints
- the devices are both VMs (00:0c:29)- Right click on Frame #4 (
TELNET
) and selectFollow->TCP Stream
:- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response
isas coming backasat Microsoft Telnet Server (Windows server) - telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
- The domain name in the DHCP ACK is for a college/university - perhaps where the capture was done.
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while)Statistics -> Conversations
orStatistics -> Endpoints
- the devices are both VMs (00:0c:29)- Right click on Frame #4 (
TELNET
) and selectFollow->TCP Stream
:- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response as coming back at Microsoft Telnet Server (Windows server)
- telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
- The domain name in the DHCP ACK is for a college/university - perhaps where the capture was done.