Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

a tcpdump analysis from a newbie 2

Status
Not open for further replies.
robertplant

robertplant

Technical User
Dec 19, 2009
3
0
0
TR
hi ppl,
im learning tcpip and tcpdump.
I got a dump and tried explain it getting help from what ive learned so far.
I just request you to tell me if you please , if my explanation is right and if not what is the major mistake i made.

the dump attached, was gotten from my internet gateway while i was clicking a check box on a web page
that i ve been debugging.

i explain this dump as follows:


1-client makes a request from server
2-communications establishes-
3-pockets going and coming between the peers, etc..
4-client first sends a user data size of 781 bytes
5-second, server begins send pockects size of 1260 bytes
6-and keeps sending that size of pockets
7-and finaly server has been sent totaly 188205 bytes user data
8-then client sends a 528 bytes user data
9-and at last server sends 496 bytes user data
10-send and receive process comes to end at that point

Thanks in advance
Plant


_________________________________

12:49:38.589777 IP client > server: S 2425870042:2425870042(0) win 65535 <mss 1260,nop,nop,sackOK>
12:49:38.592608 IP server > client: S 3312255313:3312255313(0) ack 2425870043 win 5840 <mss 1460,nop,nop,sackOK>
12:49:38.592920 IP client > server: . ack 1 win 65535
12:49:38.600165 IP client > server: P 1:782(781) ack 1 win 65535
12:49:38.602292 IP server > client: . ack 782 win 7029
12:49:38.792972 IP server > client: . 1:1261(1260) ack 782 win 7029
12:49:38.793870 IP server > client: . 1261:2521(1260) ack 782 win 7029
12:49:38.794461 IP client > server: . ack 2521 win 65535
12:49:38.797713 IP server > client: . 2521:3781(1260) ack 782 win 7029
12:49:38.798562 IP server > client: . 3781:5041(1260) ack 782 win 7029
12:49:38.799108 IP client > server: . ack 5041 win 65535
12:49:38.799609 IP server > client: . 5041:6301(1260) ack 782 win 7029
12:49:38.801607 IP server > client: . 6301:7561(1260) ack 782 win 7029
12:49:38.802110 IP client > server: . ack 7561 win 65535
12:49:38.802455 IP server > client: P 7561:8521(960) ack 782 win 7029
12:49:38.804602 IP server > client: . 8521:9781(1260) ack 782 win 7029
12:49:38.805097 IP client > server: . ack 9781 win 65535
12:49:38.805499 IP server > client: . 9781:11041(1260) ack 782 win 7029
12:49:38.806498 IP server > client: . 11041:12301(1260) ack 782 win 7029
12:49:38.807095 IP client > server: . ack 12301 win 65535
12:49:38.807397 IP server > client: . 12301:13561(1260) ack 782 win 7029
12:49:38.808346 IP server > client: . 13561:14821(1260) ack 782 win 7029
12:49:38.808787 IP client > server: . ack 14821 win 65535
12:49:38.809244 IP server > client: . 14821:16081(1260) ack 782 win 7029
12:49:38.810092 IP server > client: P 16081:16721(640) ack 782 win 7029
12:49:38.810468 IP client > server: . ack 16721 win 65535
12:49:38.816333 IP server > client: . 16721:17981(1260) ack 782 win 7029
12:49:38.817182 IP server > client: . 17981:19241(1260) ack 782 win 7029
12:49:38.817794 IP client > server: . ack 19241 win 65535
12:49:38.818130 IP server > client: . 19241:20501(1260) ack 782 win 7029
12:49:38.818977 IP server > client: . 20501:21761(1260) ack 782 win 7029
12:49:38.819450 IP client > server: . ack 21761 win 65535
12:49:38.819926 IP server > client: . 21761:23021(1260) ack 782 win 7029
12:49:38.820825 IP server > client: . 23021:24281(1260) ack 782 win 7029
12:49:38.821453 IP client > server: . ack 24281 win 65535
12:49:38.821673 IP server > client: P 24281:24921(640) ack 782 win 7029
12:49:38.828712 IP server > client: . 24921:26181(1260) ack 782 win 7029
12:49:38.829433 IP client > server: . ack 26181 win 65535
12:49:38.829559 IP server > client: . 26181:27441(1260) ack 782 win 7029
12:49:38.830509 IP server > client: . 27441:28701(1260) ack 782 win 7029
12:49:38.831102 IP client > server: . ack 28701 win 65535
12:49:38.831357 IP server > client: . 28701:29961(1260) ack 782 win 7029
12:49:38.832307 IP server > client: . 29961:31221(1260) ack 782 win 7029
12:49:38.832764 IP client > server: . ack 31221 win 65535
12:49:38.833204 IP server > client: . 31221:32481(1260) ack 782 win 7029
12:49:38.834053 IP server > client: P 32481:33121(640) ack 782 win 7029
12:49:38.834430 IP client > server: . ack 33121 win 65535
12:49:38.841391 IP server > client: . 33121:34381(1260) ack 782 win 7029
12:49:38.842239 IP server > client: . 34381:35641(1260) ack 782 win 7029
12:49:38.842748 IP client > server: . ack 35641 win 65535
12:49:38.843187 IP server > client: . 35641:36901(1260) ack 782 win 7029
12:49:38.844036 IP server > client: . 36901:38161(1260) ack 782 win 7029
12:49:38.844746 IP client > server: . ack 38161 win 65535
12:49:38.844984 IP server > client: . 38161:39421(1260) ack 782 win 7029
12:49:38.845884 IP server > client: . 39421:40681(1260) ack 782 win 7029
12:49:38.846406 IP client > server: . ack 40681 win 65535
12:49:38.846731 IP server > client: P 40681:41321(640) ack 782 win 7029
12:49:38.853969 IP server > client: . 41321:42581(1260) ack 782 win 7029
12:49:38.854729 IP client > server: . ack 42581 win 65535
12:49:38.854817 IP server > client: . 42581:43841(1260) ack 782 win 7029
12:49:38.855767 IP server > client: . 43841:45101(1260) ack 782 win 7029
12:49:38.856392 IP client > server: . ack 45101 win 65535
12:49:38.856615 IP server > client: . 45101:46361(1260) ack 782 win 7029
12:49:38.857564 IP server > client: . 46361:47621(1260) ack 782 win 7029
12:49:38.858056 IP client > server: . ack 47621 win 65535
12:49:38.858462 IP server > client: . 47621:48881(1260) ack 782 win 7029
12:49:38.859310 IP server > client: P 48881:49521(640) ack 782 win 7029
12:49:38.859717 IP client > server: . ack 49521 win 65535
12:49:38.866898 IP server > client: . 49521:50781(1260) ack 782 win 7029
12:49:38.867797 IP server > client: . 50781:52041(1260) ack 782 win 7029
12:49:38.868244 IP client > server: . ack 52041 win 65535
12:49:38.868695 IP server > client: . 52041:53301(1260) ack 782 win 7029
12:49:38.869594 IP server > client: . 53301:54561(1260) ack 782 win 7029
12:49:38.870267 IP client > server: . ack 54561 win 65535
12:49:38.870492 IP server > client: . 54561:55821(1260) ack 782 win 7029
12:49:38.871441 IP server > client: . 55821:57081(1260) ack 782 win 7029
12:49:38.871930 IP client > server: . ack 57081 win 65535
12:49:38.872240 IP server > client: P 57081:57721(640) ack 782 win 7029
12:49:38.879377 IP server > client: . 57721:58981(1260) ack 782 win 7029
12:49:38.879921 IP client > server: . ack 58981 win 65535
12:49:38.880276 IP server > client: . 58981:60241(1260) ack 782 win 7029
12:49:38.881226 IP server > client: . 60241:61501(1260) ack 782 win 7029
12:49:38.881915 IP client > server: . ack 61501 win 65535
12:49:38.882174 IP server > client: . 61501:62761(1260) ack 782 win 7029
12:49:38.883072 IP server > client: . 62761:64021(1260) ack 782 win 7029
12:49:38.883574 IP client > server: . ack 64021 win 65535
12:49:38.884020 IP server > client: . 64021:65281(1260) ack 782 win 7029
12:49:38.884818 IP server > client: P 65281:65921(640) ack 782 win 7029
12:49:38.885242 IP client > server: . ack 65921 win 65535
12:49:38.893605 IP server > client: . 65921:67181(1260) ack 782 win 7029
12:49:38.894503 IP server > client: . 67181:68441(1260) ack 782 win 7029
12:49:38.894948 IP client > server: . ack 68441 win 65535
12:49:38.895452 IP server > client: . 68441:69701(1260) ack 782 win 7029
12:49:38.896350 IP server > client: . 69701:70961(1260) ack 782 win 7029
12:49:38.896872 IP client > server: . ack 70961 win 65535
12:49:38.897248 IP server > client: . 70961:72221(1260) ack 782 win 7029
12:49:38.898147 IP server > client: . 72221:73481(1260) ack 782 win 7029
12:49:38.898867 IP client > server: . ack 73481 win 65535
12:49:38.898995 IP server > client: P 73481:74121(640) ack 782 win 7029
12:49:38.904735 IP server > client: . 74121:75381(1260) ack 782 win 7029
12:49:38.905189 IP client > server: . ack 75381 win 65535
12:49:38.905634 IP server > client: . 75381:76641(1260) ack 782 win 7029
12:49:38.906533 IP server > client: . 76641:77901(1260) ack 782 win 7029
12:49:38.907187 IP client > server: . ack 77901 win 65535
12:49:38.907431 IP server > client: . 77901:79161(1260) ack 782 win 7029
12:49:38.908330 IP server > client: . 79161:80421(1260) ack 782 win 7029
12:49:38.908846 IP client > server: . ack 80421 win 65535
12:49:38.909228 IP server > client: . 80421:81681(1260) ack 782 win 7029
12:49:38.910077 IP server > client: P 81681:82321(640) ack 782 win 7029
12:49:38.910514 IP client > server: . ack 82321 win 65535
12:49:38.916965 IP server > client: . 82321:83581(1260) ack 782 win 7029
12:49:38.917864 IP server > client: . 83581:84841(1260) ack 782 win 7029
12:49:38.918502 IP client > server: . ack 84841 win 65535
12:49:38.918762 IP server > client: . 84841:86101(1260) ack 782 win 7029
12:49:38.919661 IP server > client: . 86101:87361(1260) ack 782 win 7029
12:49:38.920164 IP client > server: . ack 87361 win 65535
12:49:38.920609 IP server > client: . 87361:88621(1260) ack 782 win 7029
12:49:38.921508 IP server > client: . 88621:89881(1260) ack 782 win 7029
12:49:38.922162 IP client > server: . ack 89881 win 65535
12:49:38.922306 IP server > client: P 89881:90521(640) ack 782 win 7029
12:49:38.929445 IP server > client: . 90521:91781(1260) ack 782 win 7029
12:49:38.930153 IP client > server: . ack 91781 win 65535
12:49:38.930293 IP server > client: . 91781:93041(1260) ack 782 win 7029
12:49:38.931242 IP server > client: . 93041:94301(1260) ack 782 win 7029
12:49:38.931813 IP client > server: . ack 94301 win 65535
12:49:38.932090 IP server > client: . 94301:95561(1260) ack 782 win 7029
12:49:38.933038 IP server > client: . 95561:96821(1260) ack 782 win 7029
12:49:38.933528 IP client > server: . ack 96821 win 65535
12:49:38.934037 IP server > client: . 96821:98081(1260) ack 782 win 7029
12:49:38.934837 IP server > client: P 98081:98721(640) ack 782 win 7029
12:49:38.935189 IP client > server: . ack 98721 win 65535
12:49:38.941428 IP server > client: . 98721:99981(1260) ack 782 win 7029
12:49:38.942273 IP server > client: . 99981:101241(1260) ack 782 win 7029
12:49:38.942851 IP client > server: . ack 101241 win 65535
12:49:38.943222 IP server > client: . 101241:102501(1260) ack 782 win 7029
12:49:38.944071 IP server > client: . 102501:103761(1260) ack 782 win 7029
12:49:38.944845 IP client > server: . ack 103761 win 65535
12:49:38.945019 IP server > client: . 103761:105021(1260) ack 782 win 7029
12:49:38.945917 IP server > client: . 105021:106281(1260) ack 782 win 7029
12:49:38.946505 IP client > server: . ack 106281 win 65535
12:49:38.946766 IP server > client: P 106281:106921(640) ack 782 win 7029
12:49:38.953107 IP server > client: . 106921:108181(1260) ack 782 win 7029
12:49:38.953840 IP client > server: . ack 108181 win 65535
12:49:38.954004 IP server > client: . 108181:109441(1260) ack 782 win 7029
12:49:38.954903 IP server > client: . 109441:110701(1260) ack 782 win 7029
12:49:38.955495 IP client > server: . ack 110701 win 65535
12:49:38.955800 IP server > client: . 110701:111961(1260) ack 782 win 7029
12:49:38.956700 IP server > client: . 111961:113221(1260) ack 782 win 7029
12:49:38.957152 IP client > server: . ack 113221 win 65535
12:49:38.957647 IP server > client: . 113221:114481(1260) ack 782 win 7029
12:49:38.958447 IP server > client: P 114481:115121(640) ack 782 win 7029
12:49:38.958823 IP client > server: . ack 115121 win 65535
12:49:38.964839 IP server > client: . 115121:116381(1260) ack 782 win 7029
12:49:38.965685 IP server > client: . 116381:117641(1260) ack 782 win 7029
12:49:38.966142 IP client > server: . ack 117641 win 65535
12:49:38.966633 IP server > client: . 117641:118901(1260) ack 782 win 7029
12:49:38.967482 IP server > client: . 118901:120161(1260) ack 782 win 7029
12:49:38.968137 IP client > server: . ack 120161 win 65535
12:49:38.968430 IP server > client: . 120161:121421(1260) ack 782 win 7029
12:49:38.969329 IP server > client: . 121421:122681(1260) ack 782 win 7029
12:49:38.969801 IP client > server: . ack 122681 win 65535
12:49:38.970177 IP server > client: P 122681:123321(640) ack 782 win 7029
12:49:38.976618 IP server > client: . 123321:124581(1260) ack 782 win 7029
12:49:38.977124 IP client > server: . ack 124581 win 65535
12:49:38.977465 IP server > client: . 124581:125841(1260) ack 782 win 7029
12:49:38.978415 IP server > client: . 125841:127101(1260) ack 782 win 7029
12:49:38.979120 IP client > server: . ack 127101 win 65535
12:49:38.979312 IP server > client: . 127101:128361(1260) ack 782 win 7029
12:49:38.980211 IP server > client: . 128361:129621(1260) ack 782 win 7029
12:49:38.980779 IP client > server: . ack 129621 win 65535
12:49:38.981109 IP server > client: . 129621:130881(1260) ack 782 win 7029
12:49:38.981957 IP server > client: P 130881:131521(640) ack 782 win 7029
12:49:38.982449 IP client > server: . ack 131521 win 65535
12:49:38.988422 IP server > client: . 131521:132781(1260) ack 782 win 7029
12:49:38.989281 IP server > client: . 132781:134041(1260) ack 782 win 7029
12:49:38.989775 IP client > server: . ack 134041 win 65535
12:49:38.990181 IP server > client: . 134041:135301(1260) ack 782 win 7029
12:49:38.991080 IP server > client: . 135301:136561(1260) ack 782 win 7029
12:49:38.991764 IP client > server: . ack 136561 win 65535
12:49:38.991978 IP server > client: . 136561:137821(1260) ack 782 win 7029
12:49:38.992927 IP server > client: . 137821:139081(1260) ack 782 win 7029
12:49:38.993428 IP client > server: . ack 139081 win 65535
12:49:38.993725 IP server > client: P 139081:139721(640) ack 782 win 7029
12:49:38.996870 IP server > client: . 139721:140981(1260) ack 782 win 7029
12:49:38.997418 IP client > server: . ack 140981 win 65535
12:49:38.997768 IP server > client: . 140981:142241(1260) ack 782 win 7029
12:49:38.998668 IP server > client: . 142241:143501(1260) ack 782 win 7029
12:49:38.999418 IP client > server: . ack 143501 win 65535
12:49:38.999565 IP server > client: . 143501:144761(1260) ack 782 win 7029
12:49:39.000465 IP server > client: . 144761:146021(1260) ack 782 win 7029
12:49:39.001078 IP client > server: . ack 146021 win 65535
12:49:39.001512 IP server > client: . 146021:147281(1260) ack 782 win 7029
12:49:39.002310 IP server > client: P 147281:147921(640) ack 782 win 7029
12:49:39.002745 IP client > server: . ack 147921 win 65535
12:49:39.005459 IP server > client: . 147921:149181(1260) ack 782 win 7029
12:49:39.006355 IP server > client: . 149181:150441(1260) ack 782 win 7029
12:49:39.007074 IP client > server: . ack 150441 win 65535
12:49:39.007253 IP server > client: . 150441:151701(1260) ack 782 win 7029
12:49:39.008152 IP server > client: . 151701:152961(1260) ack 782 win 7029
12:49:39.008737 IP client > server: . ack 152961 win 65535
12:49:39.009050 IP server > client: . 152961:154221(1260) ack 782 win 7029
12:49:39.009948 IP server > client: . 154221:155481(1260) ack 782 win 7029
12:49:39.010397 IP client > server: . ack 155481 win 65535
12:49:39.010797 IP server > client: P 155481:156121(640) ack 782 win 7029
12:49:39.014543 IP server > client: . 156121:157381(1260) ack 782 win 7029
12:49:39.015057 IP client > server: . ack 157381 win 65535
12:49:39.015391 IP server > client: . 157381:158641(1260) ack 782 win 7029
12:49:39.016338 IP server > client: . 158641:159901(1260) ack 782 win 7029
12:49:39.017057 IP client > server: . ack 159901 win 65535
12:49:39.017187 IP server > client: . 159901:161161(1260) ack 782 win 7029
12:49:39.018136 IP server > client: . 161161:162421(1260) ack 782 win 7029
12:49:39.018567 IP client > server: . ack 162421 win 65535
12:49:39.019034 IP server > client: . 162421:163681(1260) ack 782 win 7029
12:49:39.019882 IP server > client: P 163681:164321(640) ack 782 win 7029
12:49:39.020249 IP client > server: . ack 164321 win 65535
12:49:39.023427 IP server > client: . 164321:165581(1260) ack 782 win 7029
12:49:39.024325 IP server > client: . 165581:166841(1260) ack 782 win 7029
12:49:39.024908 IP client > server: . ack 166841 win 65535
12:49:39.025223 IP server > client: . 166841:168101(1260) ack 782 win 7029
12:49:39.026122 IP server > client: . 168101:169361(1260) ack 782 win 7029
12:49:39.026570 IP client > server: . ack 169361 win 65535
12:49:39.027120 IP server > client: . 169361:170621(1260) ack 782 win 7029
12:49:39.028017 IP server > client: . 170621:171881(1260) ack 782 win 7029
12:49:39.028566 IP client > server: . ack 171881 win 65535
12:49:39.028867 IP server > client: P 171881:172521(640) ack 782 win 7029
12:49:39.034957 IP server > client: . 172521:173781(1260) ack 782 win 7029
12:49:39.035555 IP client > server: . ack 173781 win 65535
12:49:39.035806 IP server > client: . 173781:175041(1260) ack 782 win 7029
12:49:39.036754 IP server > client: . 175041:176301(1260) ack 782 win 7029
12:49:39.037222 IP client > server: . ack 176301 win 65535
12:49:39.037603 IP server > client: . 176301:177561(1260) ack 782 win 7029
12:49:39.038552 IP server > client: . 177561:178821(1260) ack 782 win 7029
12:49:39.039217 IP client > server: . ack 178821 win 65535
12:49:39.039450 IP server > client: . 178821:180081(1260) ack 782 win 7029
12:49:39.040298 IP server > client: P 180081:180721(640) ack 782 win 7029
12:49:39.040877 IP client > server: . ack 180721 win 65535
12:49:39.044592 IP server > client: . 180721:181981(1260) ack 782 win 7029
12:49:39.045440 IP server > client: . 181981:183241(1260) ack 782 win 7029
12:49:39.046205 IP client > server: . ack 183241 win 65535
12:49:39.046388 IP server > client: . 183241:184501(1260) ack 782 win 7029
12:49:39.047237 IP server > client: . 184501:185761(1260) ack 782 win 7029
12:49:39.047864 IP client > server: . ack 185761 win 65535
12:49:39.048186 IP server > client: . 185761:187021(1260) ack 782 win 7029
12:49:39.049084 IP server > client: P 187021:188199(1178) ack 782 win 7029
12:49:39.049532 IP client > server: . ack 188199 win 65535
12:49:39.049832 IP server > client: P 188199:188204(5) ack 782 win 7029
12:49:39.049843 IP server > client: F 188204:188204(0) ack 782 win 7029
12:49:39.050206 IP client > server: . ack 188205 win 65530
12:49:39.051211 IP client > server: F 782:782(0) ack 188205 win 65530
12:49:39.052928 IP server > client: . ack 783 win 7029
12:49:39.432549 IP 192.168.1.50.4650 > server: S 509027558:509027558(0) win 65535 <mss 1260,nop,nop,sackOK>
12:49:39.434818 IP server > 192.168.1.50.4650: S 3317018810:3317018810(0) ack 509027559 win 5840 <mss 1460,nop,nop,sackOK>
12:49:39.435036 IP 192.168.1.50.4650 > server: . ack 1 win 65535
12:49:39.815158 IP 192.168.1.50.4650 > server: P 1:529(528) ack 1 win 65535
12:49:39.817668 IP server > 192.168.1.50.4650: . ack 529 win 6432
12:49:39.821911 IP server > 192.168.1.50.4650: P 1:497(496) ack 529 win 6432
12:49:39.822259 IP server > 192.168.1.50.4650: F 497:497(0) ack 529 win 6432
12:49:39.822456 IP 192.168.1.50.4650 > server: . ack 498 win 65039
12:49:39.822834 IP 192.168.1.50.4650 > server: F 529:529(0) ack 498 win 65039
12:49:39.825654 IP server > 192.168.1.50.4650: . ack 530 win 6432




 
Sort by date Sort by votes
i suppose you are correct. what are you trying to figure out? is the size of the data what you really want to analize?
 
Upvote 0 Downvote
syn---synack---ack---transmit---finack---fin

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Upvote 0 Downvote
this data transmission occures by clicking on a checkbox in a web page (supposing its doing some stuff in the database on the back stage there) and i think its quite high and will cause bandwidth problems in case of usage in multiuser environments.. Many Thanks for your interest and time
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
156
Zebad
Zebad
robocat
  • Locked
  • Question
Yet another TCP RST flag problem
Replies
0
Views
134
robocat
robocat
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
158
sbcsu
sbcsu
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
127
Vedant Gonnade
Vedant Gonnade
Vitor Fernandes-Neto
  • Locked
  • Question
Ldap authentication in classic asp, retrieving givenname, displayname etc
Replies
0
Views
165
Vitor Fernandes-Neto
Vitor Fernandes-Neto

Part and Inventory Search

Sponsor

Back
Top