tshark -i eno2 'port 3389'
Running as user "root" and group "root". This could be dangerous.
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:44: dofile has been disabled due to running Wireshark as superuser. See
https://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.
Capturing on 'eno2'
1 0.000000000 88.16.40.79 ? 89.39.104.155 TCP 66 50550 ? 3389 [SYN] Seq=0 Win=8192 Len=0 MSS=1160 WS=4 SACK_PERM=1
2 0.000065188 89.39.104.155 ? 88.16.40.79 TCP 66 3389 ? 50550 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128
3 0.067006335 88.16.40.79 ? 89.39.104.155 TCP 60 50550 ? 3389 [ACK] Seq=1 Ack=1 Win=17280 Len=0
4 0.067065363 88.16.40.79 ? 89.39.104.155 TCP 73 50550 ? 3389 [PSH, ACK] Seq=1 Ack=1 Win=17280 Len=19
5 0.067087309 89.39.104.155 ? 88.16.40.79 TCP 54 3389 ? 50550 [ACK] Seq=1 Ack=20 Win=29312 Len=0
6 0.198740698 89.39.104.155 ? 88.16.40.79 TCP 73 3389 ? 50550 [PSH, ACK] Seq=1 Ack=20 Win=29312 Len=19
7 0.464938896 89.39.104.155 ? 88.16.40.79 TCP 73 [TCP Retransmission] 3389 ? 50550 [PSH, ACK] Seq=1 Ack=20 Win=29312 Len=19
8 0.521475164 88.16.40.79 ? 89.39.104.155 TCP 60 50550 ? 3389 [ACK] Seq=20 Ack=20 Win=17260 Len=0
9 0.596743037 88.16.40.79 ? 89.39.104.155 TCP 66 [TCP Dup ACK 8#1] 50550 ? 3389 [ACK] Seq=20 Ack=20 Win=17260 Len=0 SLE=1 SRE=20
мой ip 88.16.40.79
Тема: Найти и посчитать пакеты отвечающие за установку соединения в RDP (Прочитано 673 раз)
