Duvidas em leitura de info do tcptrack

1. Duvidas em leitura de info do tcptrack

arasouza
(usa Debian)

Enviado em 10/02/2014 - 19:11h

Pessoal é o seguinte tenho 2 redes segmentadas em 10.10.20.x 192.168.2.x, as 2 com seu próprio proxy, porém a rede 192.168.2.x tem que ler uns arquivos que estão em uma maquina na rede 10.10.20.x, então foi feito a instalação de 2 interfaces de rede para fazer o roteamento entre as duas redes, ultimamente estou analisando o trafego da rede inicialmente com o tcptrack -i eth2 (rede 10.10.20.x) e olhem um dos resultados:

192.168.2.128:50566 111.111.111.111:80 CLOSING 28s 0 B/s
192.168.2.128:50066 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50102 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50073 200.182.35.163:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50110 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50565 111.111.111.111:80 ESTABLISHED 50s 0 B/s
192.168.2.128:50283 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:51073 31.13.71.33:443 ESTABLISHED 48s 0 B/s
192.168.2.128:49956 111.111.111.111:80 ESTABLISHED 19m 0 B/s
192.168.2.128:50189 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50100 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50315 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50083 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50235 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50106 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50169 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50109 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50101 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50067 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50259 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50563 111.111.111.111:80 CLOSING 11s 0 B/s
192.168.2.128:50314 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50538 173.194.118.41:443 ESTABLISHED 2m 0 B/s
192.168.2.128:50103 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50237 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50287 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50131 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50133 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50256 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50134 200.182.35.145:80 ESTABLISHED 8m 0 B/s
192.168.2.128:50313 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50108 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50135 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50154 200.182.35.163:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50282 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50094 200.182.35.145:80 ESTABLISHED 7m 0 B/s
192.168.2.128:50567 64.4.11.25:80 ESTABLISHED 2s 1 KB/s

Isto está chegando até o servidor da rede 10.10.20.x, o tcptrack lê todo o trafego da rede?? e os demais ips por que le não mostra??? agradeço qualquer informação....

0 0

Quote