Revision history [back]
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while) Statistics -> Conversations
or Statistics -> Endpoints
- the devices are both VMs (00:0c:29) - Right click on Frame #4 (
TELNET
) and select Follow->TCP Stream
:
- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response as coming back at Microsoft Telnet Server (Windows server)
- telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while) Statistics -> Conversations
or Statistics -> Endpoints
- the devices are both VMs (00:0c:29) - Right click on Frame #4 (
TELNET
) and select Follow->TCP Stream
:
- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response as coming back at Microsoft Telnet Server (Windows server)
- telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
- The domain name in the DHCP ACK is for a college/university - perhaps where the capture was done.
Statistics -> Capture File Properties
- capture is dated 2010-10-08 (it's been around a while) Statistics -> Conversations
or Statistics -> Endpoints
- the devices are both VMs (00:0c:29) - Right click on Frame #4 (
TELNET
) and select Follow->TCP Stream
:
- client is sending X11 DISPLAY info - backtrack:0.0 - predecessor to Kali (linux client)
- response
as is coming back at as Microsoft Telnet Server (Windows server) - telnet and ssh servers will often do a name lookup of the client making the connection.
In this case it's a Windows server so doing NBNS
- The domain name in the DHCP ACK is for a college/university - perhaps where the capture was done.