Code: Select all
tcpdump: WARNING: vbr.13: no IPv4 address assigned
tcpdump: listening on vbr.13, link-type EN10MB (Ethernet), capture size 96 bytes
11:06:01.603432 IP (tos 0x0, ttl 116, id 58986, offset 0, flags [none], proto UDP (17), length 44)
    93.118.199.195.27005 > 74.91.112.223.27015: UDP, payload 16
	0x0000:  4500 002c e66a 0000 7411 7fe2 5d76 c7c3  E..,.j..t...]v..
	0x0010:  4a5b 70df 697d 6987 0018 ceda ffff ffff  J[p.i}i.........
	0x0020:  6765 7463 6861 6c6c 656e 6765            getchallenge
11:06:01.604273 IP (tos 0x0, ttl 128, id 547, offset 0, flags [none], proto UDP (17), length 56)
    74.91.112.223.27015 > 93.118.199.195.27005: UDP, payload 28
	0x0000:  4500 0038 0223 0000 8011 581e 4a5b 70df  E..8.#....X.J[p.
	0x0010:  5d76 c7c3 6987 697d 0024 e0a9 ffff ffff  ]v..i.i}.$......
	0x0020:  4130 3030 3030 3030 3020 3132 3638 3532  A00000000.126852
	0x0030:  3734 3434 2032 0a00                      7444.2..
11:06:01.769298 IP (tos 0x0, ttl 128, id 548, offset 0, flags [none], proto UDP (17), length 128)
    74.91.112.223.26900 > 72.165.61.187.27017: UDP, payload 100
	0x0000:  4500 0080 0224 0000 8011 f6ae 4a5b 70df  E....$......J[p.
	0x0010:  48a5 3dbb 6914 6989 006c 4218 5653 3031  H.=.i.i..lB.VS01
	0x0020:  4000 0700 0002 0000 006c 3c43 0000 0000  @........l<C....
	0x0030:  0700 0000 0100 0000 0000 0000 4000 0000  ............@...
	0x0040:  aede c399 e25c b44e 7b72 ec92 1053 b126  .....\.N{r...S.&
	0x0050:  ac21                                     .!
11:06:01.770272 IP (tos 0x0, ttl 116, id 58999, offset 0, flags [none], proto UDP (17), length 77)
    93.118.199.195.27005 > 74.91.112.223.27015: UDP, payload 49
	0x0000:  4500 004d e677 0000 7411 7fb4 5d76 c7c3  E..M.w..t...]v..
	0x0010:  4a5b 70df 697d 6987 0039 25be ffff ffff  J[p.i}i..9%.....
	0x0020:  7263 6f6e 2031 3236 3835 3237 3434 3420  rcon.1268527444.
	0x0030:  2231 3932 3230 3030 2220 6563 686f 2058  "1922000".echo.X
	0x0040:  4272 7574 6520 6279 205a 6561 4c         Brute.by.ZeaL
11:06:01.771810 IP (tos 0x0, ttl 128, id 549, offset 0, flags [none], proto UDP (17), length 148)
    74.91.112.223.27015 > 174.121.10.253.27600: UDP, payload 120
	0x0000:  4500 0094 0225 0000 8011 c383 4a5b 70df  E....%......J[p.
	0x0010:  ae79 0afd 6987 6bd0 0080 7542 ffff ffff  .y..i.k...uB....
	0x0020:  6c6f 6720 4c20 3036 2f32 392f 3230 3133  log.L.06/29/2013
	0x0030:  202d 2031 303a 3035 3a35 313a 2042 6164  .-.10:05:51:.Bad
	0x0040:  2052 636f 6e3a 2022 7263 6f6e 2031 3236  .Rcon:."rcon.126
	0x0050:  3835                                     85
11:06:01.771982 IP (tos 0x0, ttl 128, id 550, offset 0, flags [none], proto UDP (17), length 54)
    74.91.112.223.27015 > 93.118.199.195.27005: UDP, payload 26
	0x0000:  4500 0036 0226 0000 8011 581d 4a5b 70df  E..6.&....X.J[p.
	0x0010:  5d76 c7c3 6987 697d 0022 e0a7 ffff ffff  ]v..i.i}."......
	0x0020:  6c42 6164 2072 636f 6e5f 7061 7373 776f  lBad.rcon_passwo
	0x0030:  7264 2e0a 0000                           rd....
11:06:02.547287 IP (tos 0x0, ttl 128, id 551, offset 0, flags [none], proto UDP (17), length 128)
    74.91.112.223.26901 > 208.64.200.137.27017: UDP, payload 100
	0x0000:  4500 0080 0227 0000 8011 e441 4a5b 70df  E....'.....AJ[p.
	0x0010:  d040 c889 6915 6989 006c 5482 5653 3031  .@..i.i..lT.VS01
	0x0020:  4000 0600 0002 0000 0072 a9e6 0b00 0000  @........r......
	0x0030:  0700 0000 0100 0000 0b00 0000 4000 0000  ............@...
	0x0040:  236e 595a a669 8c8d 8067 d5c0 76d8 a5ae  #nYZ.i...g..v...
	0x0050:  a6d7                                     ..
11:06:02.587316 IP (tos 0x0, ttl 116, id 12409, offset 0, flags [none], proto UDP (17), length 44)
    89.231.185.178.13193 > 74.91.112.223.27015: UDP, payload 16
	0x0000:  4500 002c 3079 0000 7411 4774 59e7 b9b2  E..,0y..t.GtY...
	0x0010:  4a5b 70df 3389 6987 0018 166f ffff ffff  J[p.3.i....o....
	0x0020:  6765 7463 6861 6c6c 656e 6765            getchallenge
11:06:02.589263 IP (tos 0x0, ttl 128, id 552, offset 0, flags [none], proto UDP (17), length 55)
    74.91.112.223.27015 > 89.231.185.178.13193: UDP, payload 27
	0x0000:  4500 0037 0228 0000 8011 69ba 4a5b 70df  E..7.(....i.J[p.
	0x0010:  59e7 b9b2 6987 3389 0023 cf08 ffff ffff  Y...i.3..#......
	0x0020:  4130 3030 3030 3030 3020 3638 3137 3634  A00000000.681764
	0x0030:  3538 3520 320a 00                        585.2..
11:06:02.748965 IP (tos 0x0, ttl 116, id 12425, offset 0, flags [none], proto UDP (17), length 77)
    89.231.185.178.13193 > 74.91.112.223.27015: UDP, payload 49
	0x0000:  4500 004d 3089 0000 7411 4743 59e7 b9b2  E..M0...t.GCY...
	0x0010:  4a5b 70df 3389 6987 0039 6f4d ffff ffff  J[p.3.i..9oM....
	0x0020:  7263 6f6e 2036 3831 3736 3435 3835 2022  rcon.681764585."
	0x0030:  3234 3032 3230 3030 2220 6563 686f 2058  24022000".echo.X
	0x0040:  4272 7574 6520 6279 205a 6561 4c         Brute.by.ZeaL
11:06:02.749985 IP (tos 0x0, ttl 128, id 553, offset 0, flags [none], proto UDP (17), length 148)
    74.91.112.223.27015 > 174.121.10.253.27600: UDP, payload 120
	0x0000:  4500 0094 0229 0000 8011 c37f 4a5b 70df  E....)......J[p.
	0x0010:  ae79 0afd 6987 6bd0 0080 7542 ffff ffff  .y..i.k...uB....
	0x0020:  6c6f 6720 4c20 3036 2f32 392f 3230 3133  log.L.06/29/2013
	0x0030:  202d 2031 303a 3035 3a35 323a 2042 6164  .-.10:05:52:.Bad
	0x0040:  2052 636f 6e3a 2022 7263 6f6e 2036 3831  .Rcon:."rcon.681
	0x0050:  3736                                     76
11:06:02.750205 IP (tos 0x0, ttl 128, id 554, offset 0, flags [none], proto UDP (17), length 54)
    74.91.112.223.27015 > 89.231.185.178.13193: UDP, payload 26
	0x0000:  4500 0036 022a 0000 8011 69b9 4a5b 70df  E..6.*....i.J[p.
	0x0010:  59e7 b9b2 6987 3389 0022 cf07 ffff ffff  Y...i.3.."......
	0x0020:  6c42 6164 2072 636f 6e5f 7061 7373 776f  lBad.rcon_passwo
	0x0030:  7264 2e0a 0000                           rd....
12 packets captured
14 packets received by filter
0 packets dropped by kernel


