Ok, de IP adressen kan ik net zo goed delen, was puur ter voorkoming van attacks (dat gebeurt me al vaak genoeg )
IPv6: 2a05:e1c0::38
IPv4: 91.218.127.50
Connectie thuis loopt over HurricaneElectric tunnel en werk is Ziggo.
Reverse DNS is aanwezig.
Hierbij even een tcpdump puur op poort 587
Code:
root@vps:~# tcpdump -i eth0 port 587
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:04:21.043192 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [S], seq 1485902214, win 28800, options [mss 1440,sackOK,TS val 101144306 ecr 0,nop,wscale 6], length 0
11:04:21.043249 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [S.], seq 1431914502, ack 1485902215, win 28560, options [mss 1440,sackOK,TS val 254417873 ecr 101144306,nop,wscale 6], length 0
11:04:21.091339 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 1, win 450, options [nop,nop,TS val 101144310 ecr 254417873], length 0
11:04:41.180057 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 1:76, ack 1, win 447, options [nop,nop,TS val 254422907 ecr 101144310], length 75
11:04:41.450661 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 1:76, ack 1, win 447, options [nop,nop,TS val 254422975 ecr 101144310], length 75
11:04:41.602771 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 76, win 450, options [nop,nop,TS val 101146362 ecr 254422907], length 0
11:04:41.610829 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 76, win 450, options [nop,nop,TS val 101146362 ecr 254422975,nop,nop,sack 1 {1:76}], length 0
11:04:47.531749 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [P.], seq 1:7, ack 76, win 450, options [nop,nop,TS val 101146955 ecr 254422975], length 6
11:04:47.531790 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [.], ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 0
11:04:47.531871 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 76:122, ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 46
11:04:47.532062 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [F.], seq 122, ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 0
11:04:47.539900 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 122, win 450, options [nop,nop,TS val 101146955 ecr 254424495], length 0
11:04:47.542045 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [F.], seq 7, ack 123, win 450, options [nop,nop,TS val 101146956 ecr 254424495], length 0
11:04:47.542060 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [.], ack 8, win 447, options [nop,nop,TS val 254424497 ecr 101146956], length 0
^C
14 packets captured
16 packets received by filter
0 packets dropped by kernel
En vanaf de client zie ik dit:
Code:
root@raspberrypi:/home/pi# tcpdump -i wlan0 port 587
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:04:21.022981 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [S], seq 1485902214, win 28800, options [mss 1440,sackOK,TS val 101144306 ecr 0,nop,wscale 6], length 0
11:04:21.070549 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [S.], seq 1431914502, ack 1485902215, win 28560, options [mss 1220,sackOK,TS val 254417873 ecr 101144306,nop,wscale 6], length 0
11:04:21.070793 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 1, win 450, options [nop,nop,TS val 101144310 ecr 254417873], length 0
11:04:41.582219 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 1:76, ack 1, win 447, options [nop,nop,TS val 254422907 ecr 101144310], length 75
11:04:41.582412 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 76, win 450, options [nop,nop,TS val 101146362 ecr 254422907], length 0
11:04:41.584272 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 1:76, ack 1, win 447, options [nop,nop,TS val 254422975 ecr 101144310], length 75
11:04:41.584453 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 76, win 450, options [nop,nop,TS val 101146362 ecr 254422975,nop,nop,sack 1 {1:76}], length 0
11:04:47.511910 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [P.], seq 1:7, ack 76, win 450, options [nop,nop,TS val 101146955 ecr 254422975], length 6
11:04:47.519023 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [.], ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 0
11:04:47.519680 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [P.], seq 76:122, ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 46
11:04:47.519816 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [.], ack 122, win 450, options [nop,nop,TS val 101146955 ecr 254424495], length 0
11:04:47.521642 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [F.], seq 122, ack 7, win 447, options [nop,nop,TS val 254424495 ecr 101146955], length 0
11:04:47.522239 IP6 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052 > vps.hostname.nl.submission: Flags [F.], seq 7, ack 123, win 450, options [nop,nop,TS val 101146956 ecr 254424495], length 0
11:04:47.530946 IP6 vps.hostname.nl.submission > 2001:470:1f15:787:35f:76a4:ecfd:d12f.48052: Flags [.], ack 8, win 447, options [nop,nop,TS val 254424497 ecr 101146956], length 0
^C
14 packets captured
14 packets received by filter
0 packets dropped by kernel
Ik moet toegeven dat ik hier niet zo erg bedreven in ben, als er meer info nodig is hoor ik het graag.
Heb alleen even voor google de hostname van mijn server onleesbaar gemaakt.