Question about tcpdump logs

Posted by 이상봉

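My IP: 192.168.10.106

Test server IP: 192.168.10.102

When I connect over ssh and run tcpdump, log lines like the ones below keep scrolling by every second. That makes it hard to see the records of connections on other ports.

Running tcpdump not port 22 stops these lines from appearing, but then I can't see any logs for ssh. My question is that I don't understand why packets like the ones below keep being generated even when I'm not typing any commands. Also, is there a way to solve this without blocking port 22?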


08:12:59.817207 192.168.10.102.ssh > 192.168.10.106.2011: P 16260:16472(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.827201 192.168.10.102.ssh > 192.168.10.106.2011: P 16472:16604(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.828675 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 16604 win 64159 (DF)
08:12:59.837220 192.168.10.102.ssh > 192.168.10.106.2011: P 16604:16816(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.847201 192.168.10.102.ssh > 192.168.10.106.2011: P 16816:16948(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.848660 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 16948 win 65535 (DF)
08:12:59.857207 192.168.10.102.ssh > 192.168.10.106.2011: P 16948:17160(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.867199 192.168.10.102.ssh > 192.168.10.106.2011: P 17160:17292(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.868672 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 17292 win 65191 (DF)
08:12:59.877208 192.168.10.102.ssh > 192.168.10.106.2011: P 17292:17504(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.887199 192.168.10.102.ssh > 192.168.10.106.2011: P 17504:17636(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.888665 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 17636 win 64847 (DF)
08:12:59.897208 192.168.10.102.ssh > 192.168.10.106.2011: P 17636:17848(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.907200 192.168.10.102.ssh > 192.168.10.106.2011: P 17848:17980(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.908666 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 17980 win 64503 (DF)
08:12:59.917210 192.168.10.102.ssh > 192.168.10.106.2011: P 17980:18192(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.927201 192.168.10.102.ssh > 192.168.10.106.2011: P 18192:18324(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.928666 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 18324 win 64159 (DF)
08:12:59.937208 192.168.10.102.ssh > 192.168.10.106.2011: P 18324:18536(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.947202 192.168.10.102.ssh > 192.168.10.106.2011: P 18536:18668(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.948669 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 18668 win 65535 (DF)
08:12:59.957207 192.168.10.102.ssh > 192.168.10.106.2011: P 18668:18880(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.967202 192.168.10.102.ssh > 192.168.10.106.2011: P 18880:19012(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.968667 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 19012 win 65191 (DF)
08:12:59.977207 192.168.10.102.ssh > 192.168.10.106.2011: P 19012:19224(212) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.987198 192.168.10.102.ssh > 192.168.10.106.2011: P 19224:19356(132) ack 1 win 26280 (DF) [tos 0x10]
08:12:59.988666 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 19356 win 64847 (DF)
08:12:59.997208 192.168.10.102.ssh > 192.168.10.106.2011: P 19356:19568(212) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.007202 192.168.10.102.ssh > 192.168.10.106.2011: P 19568:19700(132) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.008669 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 19700 win 64503 (DF)
08:13:00.021955 192.168.10.102.ssh > 192.168.10.106.2011: P 19700:19912(212) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.027204 192.168.10.102.ssh > 192.168.10.106.2011: P 19912:20044(132) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.028664 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 20044 win 64159 (DF)
08:13:00.037207 192.168.10.102.ssh > 192.168.10.106.2011: P 20044:20256(212) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.047201 192.168.10.102.ssh > 192.168.10.106.2011: P 20256:20388(132) ack 1 win 26280 (DF) [tos 0x10]
08:13:00.048671 192.168.10.106.2011 > 192.168.10.102.ssh: . ack 20388 win 65535 (DF)
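
An added example, not part of the original post: every line tcpdump prints is itself sent to the terminal over the SSH session, so it produces new port-22 packets that tcpdump then captures and prints again. The sketch below builds a filter that hides only the capturing session's own connection and leaves other SSH traffic visible; the function name `own_session_filter` is hypothetical, and it assumes the `SSH_CONNECTION` variable that OpenSSH sets for a login session.

```shell
#!/bin/sh
# Build a tcpdump filter expression that excludes only the SSH connection
# tcpdump is being run over, instead of excluding all of port 22.
# SSH_CONNECTION (set by OpenSSH sshd) has the form:
#   "<client ip> <client port> <server ip> <server port>"

own_session_filter() {
    # $1: optional SSH_CONNECTION-style string; defaults to the real variable.
    # Unquoted on purpose so the four fields split into $1..$4.
    set -- ${1:-${SSH_CONNECTION:-}}
    if [ "$#" -ne 4 ]; then
        echo "not inside an SSH session (SSH_CONNECTION missing or malformed)" >&2
        return 1
    fi
    # Addresses may only contain IPv4/IPv6 characters, ports only digits,
    # so nothing unexpected ends up inside the filter expression.
    case "$1$3" in
        *[!0-9A-Fa-f.:]*) echo "bad address in SSH_CONNECTION" >&2; return 1 ;;
    esac
    case "$2$4" in
        *[!0-9]*) echo "bad port in SSH_CONNECTION" >&2; return 1 ;;
    esac
    # Matches every packet except those between this exact pair of endpoints.
    printf 'not (host %s and port %s and host %s and port %s)\n' \
        "$1" "$2" "$3" "$4"
}

# Constructed sample built from the addresses and client port in the post.
own_session_filter "192.168.10.106 2011 192.168.10.102 22"

# On the server, inside the SSH session, the filter would be passed as one
# quoted argument:
#   tcpdump -n "$(own_session_filter)"
```

Another SSH login from the same client uses a different source port, so it still shows up in the capture.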
