How can i make analysed my traffic

asked 2023-12-20 07:17:40 +0000

bob333 gravatar image

updated 2023-12-23 12:21:48 +0000

Hello,

since some time my computer run strongly each time iam connected on internet, even with a totaly normal use: like only navigating, nothing more.

I just run wireshark, iam absolutly not an expert but some lines make me unsure.

Like this one for exemple :

https://ibb.co/5TfFk83

So how can i make analysed he result wireshark give me ?

Edit : Another strange thing.

I made a command on cdiscount in the beggining of the month, i received a packet this 20/12/2023. When i opened the box the product is near the same but look very low quality and is only in a random platic bag. The product i commanded should be on hard platic with a mark label. So i tought it's was an error , i connected to my cdiscount accoumpt, the product is not delivered yet, when i check the sender the package still on transit, the number of the package is not the same, even my phone number is my old one, not the actual one. But the product is similar. How is it possible ? as i commanded this from my own computer at my home, and nobody knew about this command ?

here is the log wireshark gave me when i turn on my live box and then enable wifi broswer closed and nothing running.

Can someone check it ? please.

No.     Time           Source                Destination           Protocol Length Info
  1 0.000000000    127.0.0.1             127.0.0.1             TCP      76     49506 → 5037 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3869439190 TSecr=0 WS=128

Frame 1: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0 Linux cooked capture Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49506, Dst Port: 5037, Seq: 0, Len: 0

No. Time Source Destination Protocol Length Info 2 0.000007908 127.0.0.1 127.0.0.1 TCP 56 5037 → 49506 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

Frame 2: 56 bytes on wire (448 bits), 56 bytes captured (448 bits) on interface 0 Linux cooked capture Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 5037, Dst Port: 49506, Seq: 1, Ack: 1, Len: 0

No. Time Source Destination Protocol Length Info 3 0.001106842 127.0.0.1 127.0.0.1 TCP 76 49522 → 5037 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3869439191 TSecr=0 WS=128

Frame 3: 76 bytes on wire (608 bits), 76 bytes captured (608 bits) on interface 0 Linux cooked capture Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1 Transmission Control Protocol, Src Port: 49522, Dst Port: 5037, Seq: 0, Len: 0

No. Time Source Destination Protocol Length Info 4 0.001111497 127.0.0.1 127.0.0.1 TCP 56 5037 → 49522 [RST, ACK ... (more)

edit retag flag offensive close merge delete

Comments

What are you trying to check?? The information that you shared has multiple connections. The screenshot that you shared uses port 443 and the data would be encrypted.

BigFatCat gravatar imageBigFatCat ( 2023-12-24 16:52:45 +0000 )edit

iam trying to check if their is something wrong in my network. As iam not an expert iam a bit lost so i don't know what i have to do basicly.

bob333 gravatar imagebob333 ( 2023-12-24 17:27:42 +0000 )edit

found the connection make my computer crazy : thibault@locanode-820:~$ sudo tcpkill host par10s22-in-x0a.1e100.net tcpkill: listening on wlo1 [host par10s22-in-x0a.1e100.net]

thibault@locanode-820:~$ sudo tcpkill host par10s42-in-x0e.1e100.net [sudo] Mot de passe de thibault :
tcpkill: listening on wlo1 [host par10s42-in-x0e.1e100.net]

thibault@locanode-820:~$ sudo tcpkill host par21s22-in-x03.1e100.net thibault@locanode-820:~$ sudo tcpkill host par10s38-in-x03.1e100.net thibault@locanode-820:~$ sudo tcpkill host ae0bb45fd80a86dcb.awsglobalaccelerato...

thibault@locanode-820:~$ sudo tcpkill host par21s22-in-f14.1e100.net [sudo] Mot de passe de thibault :
tcpkill: listening on wlo1 [host par21s22-in-f14.1e100.net] 142.250.178.142:443 > 192.168.1.12:35962: R 3463331168:3463331168(0) win 0 142.250.178.142:443 > 192.168.1.12:35962: R 3463331574:3463331574(0) win 0 142.250.178.142:443 > 192.168.1.12:35962: R 3463332386:3463332386(0) win 0 192.168.1.12:35962 > 142.250.178 ...(more)

bob333 gravatar imagebob333 ( 2023-12-27 23:04:33 +0000 )edit