> it's a bit of a puzzle. You're probably the only person who can find
> out what these packets are about, but they may not be part of your
> problem
I started to understand what you mean :P Now I understand some of these strange
entries are actually generated by my "client", which is plugged on the same
wire.... I am using it to connect to the internet, and those PPPoE packets...
don't laugh! I am a newbie :)
> (you should find out why you're sending packets to 192.168.0.1).
If you have time, please suggest some method so that I can do that. Otherwise,
let's deal with the main problem first.
> What you're looking for is packets "associated" with the telnet
> SYN packet that happen between the SYN and the connection. These might
> be
> arp packets
> packets to the client (possibly director)
> that have IPs or ports associated with your telnet connection.
Yes, there are arp packets, and in-addr.arpa packets... but the log is quite
messed up with other "unrelated" info..... Can you suggest some tcpdump filter
arguments for me? Now I use "tcpdump port telnet" but it will filter away all
other info...
Regards
Michael Lee
M.Phil Student, HKUCSIS