New to reading dumps, can anyone tell me what's wrong here?

No. Time    Source  Destination Protocol    Length  Info
1   0.000000    10.30.0.54  172.20.20.20    TCP 66  47870 → 443 [ACK] Seq=1 Ack=1 Win=183 Len=0 SLE=4294966554 SRE=1
2   1.330120    10.30.0.54  172.20.20.20    TCP 66  47824 → 443 [ACK] Seq=1 Ack=1 Win=137 Len=0 SLE=0 SRE=1
3   1.359978    10.30.0.54  172.20.20.20    TCP 66  47838 → 443 [ACK] Seq=1 Ack=1 Win=137 Len=0 SLE=0 SRE=1
4   4.415865    10.30.0.54  172.20.20.20    TLSv1.2 250 Application Data
5   4.927823    10.30.0.54  172.20.20.20    TLSv1.2 251 Application Data
6   6.450208    10.30.0.54  172.20.20.20    TCP 66  47878 → 443 [ACK] Seq=1 Ack=1 Win=137 Len=0 SLE=0 SRE=1
7   13.119901   10.30.0.54  172.20.20.20    TCP 60  47816 → 443 [FIN, ACK] Seq=1 Ack=1 Win=137 Len=0
8   15.560402   10.30.0.54  172.20.20.20    TCP 66  [TCP Dup ACK 1#1] 47870 → 443 [ACK] Seq=1 Ack=1 Win=183 Len=0 SLE=4294966554 SRE=1
9   17.215836   10.30.0.54  172.20.20.20    TCP 60  [TCP Retransmission] 47878 → 443 [FIN, ACK] Seq=0 Ack=1 Win=137 Len=0
10  17.215844   10.30.0.54  172.20.20.20    TCP 60  47858 → 443 [FIN, ACK] Seq=1 Ack=1 Win=137 Len=0
11  17.215847   10.30.0.54  172.20.20.20    TCP 60  [TCP Retransmission] 47824 → 443 [FIN, ACK] Seq=0 Ack=1 Win=137 Len=0
12  17.215850   10.30.0.54  172.20.20.20    TCP 60  [TCP Retransmission] 47838 → 443 [FIN, ACK] Seq=0 Ack=1 Win=137 Len=0
13  20.430507   10.30.0.54  172.20.20.20    TCP 66  47882 → 443 [ACK] Seq=1 Ack=1 Win=126 Len=0 SLE=0 SRE=1
14  21.311882   10.30.0.54  172.20.20.20    TCP 60  [TCP Retransmission] 47870 → 443 [FIN, ACK] Seq=0 Ack=1 Win=183 Len=0
15  21.311891   10.30.0.54  172.20.20.20    TLSv1.2 1255    Application Data, Application Data
16  22.470598   10.30.0.54  172.20.20.20    TCP 66  [TCP Dup ACK 7#1] 47816 → 443 [ACK] Seq=2 Ack=1 Win=137 Len=0 SLE=0 SRE=1
17  27.170674   10.30.0.54  172.20.20.20    TCP 66  [TCP Dup ACK 10#1] 47858 → 443 [ACK] Seq=2 Ack=1 Win=137 Len=0 SLE=0 SRE=1
18  31.130797   10.30.0.54  172.20.20.20    TCP 66  [TCP Dup ACK 1#2] 47870 → 443 [ACK] Seq=1 Ack=1 Win=183 Len=0 SLE=4294966554 SRE=1
19  31.551808   10.30.0.54  172.20.20.20    TCP 250 ...
Brevoort29
asked 2023-03-29 14:54:40 +0000

Comments

The image only shows traffic from 10.30.0.54 to 172.20.20.20. Where is the traffic from 172.20.20.20 to 10.30.0.54? It would be easier to analyze with a pcap file.

BigFatCat (2023-03-29 22:14:54 +0000)
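The check the comment describes, as an added example that is not part of the original thread: a Python sketch that reads rows in the packet-list column layout shown in the question, reports host pairs seen in one direction only, and counts Wireshark's TCP analysis tags. The function names are made up for this example, and the sample rows are copied from the question's listing.

```python
import re
from collections import Counter

# A few rows copied from the packet list in the question (text export layout).
SAMPLE = """\
1   0.000000    10.30.0.54  172.20.20.20    TCP 66  47870 → 443 [ACK] Seq=1 Ack=1 Win=183 Len=0 SLE=4294966554 SRE=1
4   4.415865    10.30.0.54  172.20.20.20    TLSv1.2 250 Application Data
7   13.119901   10.30.0.54  172.20.20.20    TCP 60  47816 → 443 [FIN, ACK] Seq=1 Ack=1 Win=137 Len=0
8   15.560402   10.30.0.54  172.20.20.20    TCP 66  [TCP Dup ACK 1#1] 47870 → 443 [ACK] Seq=1 Ack=1 Win=183 Len=0 SLE=4294966554 SRE=1
9   17.215836   10.30.0.54  172.20.20.20    TCP 60  [TCP Retransmission] 47878 → 443 [FIN, ACK] Seq=0 Ack=1 Win=137 Len=0
"""

# Columns: No., Time, Source, Destination, Protocol, Length, Info
ROW = re.compile(r"^\s*(\d+)\s+([\d.]+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s+(.*)$")
# Wireshark analysis tag such as [TCP Dup ACK 1#1] or [TCP Retransmission]
NOTE = re.compile(r"\[TCP ([A-Za-z ]+?)(?: \d+#\d+)?\]")


def parse(text):
    """Yield (src, dst, info) for every row that matches the column layout."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            yield m.group(3), m.group(4), m.group(7)


def one_way_pairs(text):
    """Return host pairs seen in one direction only, with packet counts."""
    seen = Counter((src, dst) for src, dst, _ in parse(text))
    return {pair: n for pair, n in seen.items() if (pair[1], pair[0]) not in seen}


def analysis_notes(text):
    """Count Wireshark's TCP analysis tags across all rows."""
    notes = Counter()
    for _, _, info in parse(text):
        notes.update(NOTE.findall(info))
    return notes


if __name__ == "__main__":
    for (src, dst), n in one_way_pairs(SAMPLE).items():
        print(f"{src} -> {dst}: {n} packets, no replies captured")
    print(dict(analysis_notes(SAMPLE)))
```

A non-empty result from `one_way_pairs` means the capture point or capture filter only saw one side of the conversation, so the retransmission and duplicate-ACK tags cannot be interpreted until the other direction is captured.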