From 60f7b3dd0d4ee01d162cf64445dbe0651e3a321d Mon Sep 17 00:00:00 2001 From: cc Date: Mon, 3 Mar 2025 15:43:00 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=20RG5000.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- RG5000.md | 1721 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1721 insertions(+) create mode 100644 RG5000.md diff --git a/RG5000.md b/RG5000.md new file mode 100644 index 0000000..3ade7e9 --- /dev/null +++ b/RG5000.md @@ -0,0 +1,1721 @@ +``` shell +No. Time Source Destination Protocol Length Info + 11507 106.218132 133.80.115.89 133.80.1.1 TCP 74 45505 → 22 [SYN] Seq=0 Win=64440 Len=0 MSS=1432 SACK_PERM TSval=3862862045 TSecr=0 WS=128 + +Frame 11507: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 0, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 1] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 0 (relative sequence number) + Sequence Number (raw): 3459181221 + [Next Sequence Number: 1 (relative sequence number)] + Acknowledgment Number: 0 + Acknowledgment number (raw): 0 + 1010 .... = Header Length: 40 bytes (10) + Flags: 0x002 (SYN) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...0 .... = Acknowledgment: Not set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..1. = Syn: Set + .... .... ...0 = Fin: Not set + [TCP Flags: ··········S·] + Window: 64440 + [Calculated window size: 64440] + Checksum: 0xe39f [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale + [Timestamps] + +No. Time Source Destination Protocol Length Info + 11508 106.218711 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [SYN, ACK] Seq=0 Ack=1 Win=4096 Len=0 MSS=536 + +Frame 11508: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 0, Ack: 1, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 2] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 0 (relative sequence number) + Sequence Number (raw): 220458938 + [Next Sequence Number: 1 (relative sequence number)] + Acknowledgment Number: 1 (relative ack number) + Acknowledgment number (raw): 3459181222 + 0110 .... = Header Length: 24 bytes (6) + Flags: 0x012 (SYN, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..1. = Syn: Set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A··S·] + Window: 4096 + [Calculated window size: 4096] + Checksum: 0xa52c [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + Options: (4 bytes), Maximum segment size + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11509 106.219066 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [ACK] Seq=1 Ack=1 Win=64440 Len=0 + +Frame 11509: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 1, Ack: 1, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 3] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1 (relative sequence number) + Sequence Number (raw): 3459181222 + [Next Sequence Number: 1 (relative sequence number)] + Acknowledgment Number: 1 (relative ack number) + Acknowledgment number (raw): 220458939 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 64440 + [Calculated window size: 64440] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xcd94 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11510 106.225741 133.80.1.1 133.80.115.89 SSHv2 75 Server: Protocol (SSH-2.0-RGOS_PK3223) + +Frame 11510: 75 bytes on wire (600 bits), 75 bytes captured (600 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1, Ack: 1, Len: 21 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 4] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 21] + Sequence Number: 1 (relative sequence number) + Sequence Number (raw): 220458939 + [Next Sequence Number: 22 (relative sequence number)] + Acknowledgment Number: 1 (relative ack number) + Acknowledgment number (raw): 3459181222 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xfff6 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (21 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11511 106.226133 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [ACK] Seq=1 Ack=22 Win=64419 Len=0 + +Frame 11511: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 1, Ack: 22, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 5] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1 (relative sequence number) + Sequence Number (raw): 3459181222 + [Next Sequence Number: 1 (relative sequence number)] + Acknowledgment Number: 22 (relative ack number) + Acknowledgment number (raw): 220458960 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 64419 + [Calculated window size: 64419] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xcd94 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11513 106.246987 133.80.115.89 133.80.1.1 SSHv2 76 Client: Protocol (SSH-2.0-ssh2js1.16.0) + +Frame 11513: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 1, Ack: 22, Len: 22 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 6] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 22] + Sequence Number: 1 (relative sequence number) + Sequence Number (raw): 3459181222 + [Next Sequence Number: 23 (relative sequence number)] + Acknowledgment Number: 22 (relative ack number) + Acknowledgment number (raw): 220458960 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64419 + [Calculated window size: 64419] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xebe2 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (22 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11514 106.247518 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=22 Ack=23 Win=4074 Len=0 + +Frame 11514: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 22, Ack: 23, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 7] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 22 (relative sequence number) + Sequence Number (raw): 220458960 + [Next Sequence Number: 22 (relative sequence number)] + Acknowledgment Number: 23 (relative ack number) + Acknowledgment number (raw): 3459181244 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4074 + [Calculated window size: 4074] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb938 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11515 106.248211 133.80.115.89 133.80.1.1 SSHv2 518 Client: Key Exchange Init + +Frame 11515: 518 bytes on wire (4144 bits), 518 bytes captured (4144 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 23, Ack: 22, Len: 464 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 8] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 464] + Sequence Number: 23 (relative sequence number) + Sequence Number (raw): 3459181244 + [Next Sequence Number: 487 (relative sequence number)] + Acknowledgment Number: 22 (relative ack number) + Acknowledgment number (raw): 220458960 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64419 + [Calculated window size: 64419] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x6f54 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (464 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11516 106.248887 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=22 Ack=487 Win=3632 Len=0 + +Frame 11516: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 22, Ack: 487, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 9] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 22 (relative sequence number) + Sequence Number (raw): 220458960 + [Next Sequence Number: 22 (relative sequence number)] + Acknowledgment Number: 487 (relative ack number) + Acknowledgment number (raw): 3459181708 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 3632 + [Calculated window size: 3632] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb922 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11517 106.249771 133.80.1.1 133.80.115.89 SSHv2 470 Server: Key Exchange Init + +Frame 11517: 470 bytes on wire (3760 bits), 470 bytes captured (3760 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 22, Ack: 487, Len: 416 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 10] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 416] + Sequence Number: 22 (relative sequence number) + Sequence Number (raw): 220458960 + [Next Sequence Number: 438 (relative sequence number)] + Acknowledgment Number: 487 (relative ack number) + Acknowledgment number (raw): 3459181708 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 3632 + [Calculated window size: 3632] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xdbfc [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (416 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11519 106.293029 133.80.115.89 133.80.1.1 SSHv2 198 Client: Diffie-Hellman Key Exchange Init + +Frame 11519: 198 bytes on wire (1584 bits), 198 bytes captured (1584 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 487, Ack: 438, Len: 144 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 11] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 144] + Sequence Number: 487 (relative sequence number) + Sequence Number (raw): 3459181708 + [Next Sequence Number: 631 (relative sequence number)] + Acknowledgment Number: 438 (relative ack number) + Acknowledgment number (raw): 220459376 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb3c2 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (144 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11520 106.293704 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=438 Ack=631 Win=3952 Len=0 + +Frame 11520: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 438, Ack: 631, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 12] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 438 (relative sequence number) + Sequence Number (raw): 220459376 + [Next Sequence Number: 438 (relative sequence number)] + Acknowledgment Number: 631 (relative ack number) + Acknowledgment number (raw): 3459181852 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 3952 + [Calculated window size: 3952] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb5b2 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11567 107.285497 133.80.1.1 133.80.115.89 SSHv2 518 Server: Diffie-Hellman Key Exchange Reply, New Keys + +Frame 11567: 518 bytes on wire (4144 bits), 518 bytes captured (4144 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 438, Ack: 631, Len: 464 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 13] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 464] + Sequence Number: 438 (relative sequence number) + Sequence Number (raw): 220459376 + [Next Sequence Number: 902 (relative sequence number)] + Acknowledgment Number: 631 (relative ack number) + Acknowledgment number (raw): 3459181852 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x0c65 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (464 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11568 107.287987 133.80.115.89 133.80.1.1 SSHv2 70 Client: New Keys + +Frame 11568: 70 bytes on wire (560 bits), 70 bytes captured (560 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 631, Ack: 902, Len: 16 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 14] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 16] + Sequence Number: 631 (relative sequence number) + Sequence Number (raw): 3459181852 + [Next Sequence Number: 647 (relative sequence number)] + Acknowledgment Number: 902 (relative ack number) + Acknowledgment number (raw): 220459840 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xa35a [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (16 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11569 107.288646 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=902 Ack=647 Win=4080 Len=0 + +Frame 11569: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 902, Ack: 647, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 15] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 902 (relative sequence number) + Sequence Number (raw): 220459840 + [Next Sequence Number: 902 (relative sequence number)] + Acknowledgment Number: 647 (relative ack number) + Acknowledgment number (raw): 3459181868 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4080 + [Calculated window size: 4080] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb352 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11572 107.313790 133.80.115.89 133.80.1.1 SSHv2 86 Client: Encrypted packet (len=32) + +Frame 11572: 86 bytes on wire (688 bits), 86 bytes captured (688 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 647, Ack: 902, Len: 32 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 16] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 32] + Sequence Number: 647 (relative sequence number) + Sequence Number (raw): 3459181868 + [Next Sequence Number: 679 (relative sequence number)] + Acknowledgment Number: 902 (relative ack number) + Acknowledgment number (raw): 220459840 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x350a [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (32 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11573 107.314402 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=902 Ack=679 Win=4064 Len=0 + +Frame 11573: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 902, Ack: 679, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 17] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 902 (relative sequence number) + Sequence Number (raw): 220459840 + [Next Sequence Number: 902 (relative sequence number)] + Acknowledgment Number: 679 (relative ack number) + Acknowledgment number (raw): 3459181900 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4064 + [Calculated window size: 4064] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb342 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11574 107.315100 133.80.115.89 133.80.1.1 SSHv2 74 Encrypted packet (len=20)[Malformed Packet] + +Frame 11574: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 679, Ack: 902, Len: 20 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 18] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 20] + Sequence Number: 679 (relative sequence number) + Sequence Number (raw): 3459181900 + [Next Sequence Number: 699 (relative sequence number)] + Acknowledgment Number: 902 (relative ack number) + Acknowledgment number (raw): 220459840 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x843f [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (20 bytes) +SSH Protocol +[Malformed Packet: SSH] + +No. Time Source Destination Protocol Length Info + 11575 107.315686 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=902 Ack=699 Win=4076 Len=0 + +Frame 11575: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 902, Ack: 699, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 19] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 902 (relative sequence number) + Sequence Number (raw): 220459840 + [Next Sequence Number: 902 (relative sequence number)] + Acknowledgment Number: 699 (relative ack number) + Acknowledgment number (raw): 3459181920 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4076 + [Calculated window size: 4076] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb322 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11576 107.316471 133.80.1.1 133.80.115.89 SSHv2 106 Server: Encrypted packet (len=52) + +Frame 11576: 106 bytes on wire (848 bits), 106 bytes captured (848 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 902, Ack: 699, Len: 52 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 20] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 52] + Sequence Number: 902 (relative sequence number) + Sequence Number (raw): 220459840 + [Next Sequence Number: 954 (relative sequence number)] + Acknowledgment Number: 699 (relative ack number) + Acknowledgment number (raw): 3459181920 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x3083 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (52 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11577 107.319386 133.80.115.89 133.80.1.1 SSHv2 102 Client: Encrypted packet (len=48) + +Frame 11577: 102 bytes on wire (816 bits), 102 bytes captured (816 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 699, Ack: 954, Len: 48 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 21] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 48] + Sequence Number: 699 (relative sequence number) + Sequence Number (raw): 3459181920 + [Next Sequence Number: 747 (relative sequence number)] + Acknowledgment Number: 954 (relative ack number) + Acknowledgment number (raw): 220459892 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xf281 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (48 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11578 107.320012 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=954 Ack=747 Win=4048 Len=0 + +Frame 11578: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 954, Ack: 747, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 22] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 954 (relative sequence number) + Sequence Number (raw): 220459892 + [Next Sequence Number: 954 (relative sequence number)] + Acknowledgment Number: 747 (relative ack number) + Acknowledgment number (raw): 3459181968 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4048 + [Calculated window size: 4048] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb2da [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11579 107.320626 133.80.115.89 133.80.1.1 SSHv2 74 Encrypted packet (len=20)[Malformed Packet] + +Frame 11579: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 747, Ack: 954, Len: 20 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 23] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 20] + Sequence Number: 747 (relative sequence number) + Sequence Number (raw): 3459181968 + [Next Sequence Number: 767 (relative sequence number)] + Acknowledgment Number: 954 (relative ack number) + Acknowledgment number (raw): 220459892 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x3a11 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (20 bytes) +SSH Protocol +[Malformed Packet: SSH] + +No. Time Source Destination Protocol Length Info + 11580 107.321223 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=954 Ack=767 Win=4076 Len=0 + +Frame 11580: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 954, Ack: 767, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 24] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 954 (relative sequence number) + Sequence Number (raw): 220459892 + [Next Sequence Number: 954 (relative sequence number)] + Acknowledgment Number: 767 (relative ack number) + Acknowledgment number (raw): 3459181988 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4076 + [Calculated window size: 4076] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb2aa [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11581 107.322530 133.80.1.1 133.80.115.89 SSHv2 114 Server: Encrypted packet (len=60) + +Frame 11581: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 954, Ack: 767, Len: 60 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 25] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 60] + Sequence Number: 954 (relative sequence number) + Sequence Number (raw): 220459892 + [Next Sequence Number: 1014 (relative sequence number)] + Acknowledgment Number: 767 (relative ack number) + Acknowledgment number (raw): 3459181988 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x2e65 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (60 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11582 107.324670 133.80.115.89 133.80.1.1 SSHv2 118 Client: Encrypted packet (len=64) + +Frame 11582: 118 bytes on wire (944 bits), 118 bytes captured (944 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 767, Ack: 1014, Len: 64 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 26] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 64] + Sequence Number: 767 (relative sequence number) + Sequence Number (raw): 3459181988 + [Next Sequence Number: 831 (relative sequence number)] + Acknowledgment Number: 1014 (relative ack number) + Acknowledgment number (raw): 220459952 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x825a [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (64 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11583 107.325361 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=1014 Ack=831 Win=4032 Len=0 + +Frame 11583: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1014, Ack: 831, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 27] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1014 (relative sequence number) + Sequence Number (raw): 220459952 + [Next Sequence Number: 1014 (relative sequence number)] + Acknowledgment Number: 831 (relative ack number) + Acknowledgment number (raw): 3459182052 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4032 + [Calculated window size: 4032] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb25a [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11584 107.325804 133.80.115.89 133.80.1.1 SSHv2 74 Encrypted packet (len=20)[Malformed Packet] + +Frame 11584: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 831, Ack: 1014, Len: 20 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 28] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 20] + Sequence Number: 831 (relative sequence number) + Sequence Number (raw): 3459182052 + [Next Sequence Number: 851 (relative sequence number)] + Acknowledgment Number: 1014 (relative ack number) + Acknowledgment number (raw): 220459952 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x9e64 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (20 bytes) +SSH Protocol +[Malformed Packet: SSH] + +No. Time Source Destination Protocol Length Info + 11585 107.326387 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=1014 Ack=851 Win=4076 Len=0 + +Frame 11585: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1014, Ack: 851, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 29] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1014 (relative sequence number) + Sequence Number (raw): 220459952 + [Next Sequence Number: 1014 (relative sequence number)] + Acknowledgment Number: 851 (relative ack number) + Acknowledgment number (raw): 3459182072 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4076 + [Calculated window size: 4076] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb21a [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11586 107.327224 133.80.1.1 133.80.115.89 SSHv2 90 Server: Encrypted packet (len=36) + +Frame 11586: 90 bytes on wire (720 bits), 90 bytes captured (720 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1014, Ack: 851, Len: 36 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 30] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 36] + Sequence Number: 1014 (relative sequence number) + Sequence Number (raw): 220459952 + [Next Sequence Number: 1050 (relative sequence number)] + Acknowledgment Number: 851 (relative ack number) + Acknowledgment number (raw): 3459182072 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x5762 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (36 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11587 107.370454 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [ACK] Seq=851 Ack=1050 Win=64003 Len=0 + +Frame 11587: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 851, Ack: 1050, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 31] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 851 (relative sequence number) + Sequence Number (raw): 3459182072 + [Next Sequence Number: 851 (relative sequence number)] + Acknowledgment Number: 1050 (relative ack number) + Acknowledgment number (raw): 220459988 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xc7de [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11873 112.486510 133.80.115.89 133.80.1.1 SSHv2 94 Client: Encrypted packet (len=40) + +Frame 11873: 94 bytes on wire (752 bits), 94 bytes captured (752 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 851, Ack: 1050, Len: 40 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 32] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 40] + Sequence Number: 851 (relative sequence number) + Sequence Number (raw): 3459182072 + [Next Sequence Number: 891 (relative sequence number)] + Acknowledgment Number: 1050 (relative ack number) + Acknowledgment number (raw): 220459988 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xd7bf [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (40 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11874 112.487099 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=1050 Ack=891 Win=4056 Len=0 + +Frame 11874: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1050, Ack: 891, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 33] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1050 (relative sequence number) + Sequence Number (raw): 220459988 + [Next Sequence Number: 1050 (relative sequence number)] + Acknowledgment Number: 891 (relative ack number) + Acknowledgment number (raw): 3459182112 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4056 + [Calculated window size: 4056] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb1e2 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11875 112.487425 133.80.115.89 133.80.1.1 SSHv2 74 Encrypted packet (len=20)[Malformed Packet] + +Frame 11875: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 891, Ack: 1050, Len: 20 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 34] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 20] + Sequence Number: 891 (relative sequence number) + Sequence Number (raw): 3459182112 + [Next Sequence Number: 911 (relative sequence number)] + Acknowledgment Number: 1050 (relative ack number) + Acknowledgment number (raw): 220459988 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x88c9 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (20 bytes) +SSH Protocol +[Malformed Packet: SSH] + +No. Time Source Destination Protocol Length Info + 11876 112.487978 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=1050 Ack=911 Win=4076 Len=0 + +Frame 11876: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1050, Ack: 911, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 35] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1050 (relative sequence number) + Sequence Number (raw): 220459988 + [Next Sequence Number: 1050 (relative sequence number)] + Acknowledgment Number: 911 (relative ack number) + Acknowledgment number (raw): 3459182132 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4076 + [Calculated window size: 4076] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb1ba [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11877 112.488769 133.80.1.1 133.80.115.89 SSHv2 122 Server: Encrypted packet (len=68) + +Frame 11877: 122 bytes on wire (976 bits), 122 bytes captured (976 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1050, Ack: 911, Len: 68 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 36] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 68] + Sequence Number: 1050 (relative sequence number) + Sequence Number (raw): 220459988 + [Next Sequence Number: 1118 (relative sequence number)] + Acknowledgment Number: 911 (relative ack number) + Acknowledgment number (raw): 3459182132 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0x0bd2 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (68 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11878 112.489045 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [ACK] Seq=911 Ack=1118 Win=64003 Len=0 + +Frame 11878: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 911, Ack: 1118, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 37] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 911 (relative sequence number) + Sequence Number (raw): 3459182132 + [Next Sequence Number: 911 (relative sequence number)] + Acknowledgment Number: 1118 (relative ack number) + Acknowledgment number (raw): 220460056 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xc75e [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11879 112.489217 133.80.1.1 133.80.115.89 SSHv2 130 Server: Encrypted packet (len=76) + +Frame 11879: 130 bytes on wire (1040 bits), 130 bytes captured (1040 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1118, Ack: 911, Len: 76 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 38] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 76] + Sequence Number: 1118 (relative sequence number) + Sequence Number (raw): 220460056 + [Next Sequence Number: 1194 (relative sequence number)] + Acknowledgment Number: 911 (relative ack number) + Acknowledgment number (raw): 3459182132 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x018 (PSH, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 1... = Push: Set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······AP···] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xa58e [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + TCP payload (76 bytes) +SSH Protocol + +No. Time Source Destination Protocol Length Info + 11880 112.489410 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [ACK] Seq=911 Ack=1194 Win=64003 Len=0 + +Frame 11880: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 911, Ack: 1194, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 39] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 911 (relative sequence number) + Sequence Number (raw): 3459182132 + [Next Sequence Number: 911 (relative sequence number)] + Acknowledgment Number: 1194 (relative ack number) + Acknowledgment number (raw): 220460132 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xc712 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11881 112.489578 133.80.115.89 133.80.1.1 TCP 54 45505 → 22 [FIN, ACK] Seq=911 Ack=1194 Win=64003 Len=0 + +Frame 11881: 54 bytes on wire (432 bits), 54 bytes captured (432 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: Dell_25:c2:b4 (74:86:e2:25:c2:b4), Dst: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3) +Internet Protocol Version 4, Src: 133.80.115.89, Dst: 133.80.1.1 +Transmission Control Protocol, Src Port: 45505, Dst Port: 22, Seq: 911, Ack: 1194, Len: 0 + Source Port: 45505 + Destination Port: 22 + [Stream index: 110] + [Stream Packet Number: 40] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 911 (relative sequence number) + Sequence Number (raw): 3459182132 + [Next Sequence Number: 912 (relative sequence number)] + Acknowledgment Number: 1194 (relative ack number) + Acknowledgment number (raw): 220460132 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x011 (FIN, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...1 = Fin: Set + [TCP Flags: ·······A···F] + Window: 64003 + [Calculated window size: 64003] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xc711 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + +No. Time Source Destination Protocol Length Info + 11882 112.490343 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [ACK] Seq=1194 Ack=912 Win=4096 Len=0 + +Frame 11882: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1194, Ack: 912, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 41] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1194 (relative sequence number) + Sequence Number (raw): 220460132 + [Next Sequence Number: 1194 (relative sequence number)] + Acknowledgment Number: 912 (relative ack number) + Acknowledgment number (raw): 3459182133 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x010 (ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .0.. = Reset: Not set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A····] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb115 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps] + [SEQ/ACK analysis] + +No. Time Source Destination Protocol Length Info + 11900 112.683487 133.80.1.1 133.80.115.89 TCP 60 22 → 45505 [RST, ACK] Seq=1194 Ack=912 Win=4096 Len=0 + +Frame 11900: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface \Device\NPF_{487FF50B-D6AD-43B0-B1C0-3BB6E1B377F2}, id 0 +Ethernet II, Src: RuijieNetwor_b3:66:a3 (58:69:6c:b3:66:a3), Dst: Dell_25:c2:b4 (74:86:e2:25:c2:b4) +Internet Protocol Version 4, Src: 133.80.1.1, Dst: 133.80.115.89 +Transmission Control Protocol, Src Port: 22, Dst Port: 45505, Seq: 1194, Ack: 912, Len: 0 + Source Port: 22 + Destination Port: 45505 + [Stream index: 110] + [Stream Packet Number: 42] + [Conversation completeness: Complete, WITH_DATA (63)] + [TCP Segment Len: 0] + Sequence Number: 1194 (relative sequence number) + Sequence Number (raw): 220460132 + [Next Sequence Number: 1194 (relative sequence number)] + Acknowledgment Number: 912 (relative ack number) + Acknowledgment number (raw): 3459182133 + 0101 .... = Header Length: 20 bytes (5) + Flags: 0x014 (RST, ACK) + 000. .... .... = Reserved: Not set + ...0 .... .... = Accurate ECN: Not set + .... 0... .... = Congestion Window Reduced: Not set + .... .0.. .... = ECN-Echo: Not set + .... ..0. .... = Urgent: Not set + .... ...1 .... = Acknowledgment: Set + .... .... 0... = Push: Not set + .... .... .1.. = Reset: Set + .... .... ..0. = Syn: Not set + .... .... ...0 = Fin: Not set + [TCP Flags: ·······A·R··] + Window: 4096 + [Calculated window size: 4096] + [Window size scaling factor: -2 (no window scaling used)] + Checksum: 0xb111 [unverified] + [Checksum Status: Unverified] + Urgent Pointer: 0 + [Timestamps]