# UK
Dest=87;CompatibleVersion=0000bc25-;
Dest=87;CompatibleSystemSoftwareVersion=3.5600-;
Dest=87;ImageVersion=0000bc76;SystemSoftwareVersion=3.5600;CDN=https://duk01.ps3.update.playstation.net/update/ps3/image/uk/2011_0127_6e070c96e0464e993aaf9deac3660863/PS3UPDAT.PUP;CDN_Timeout=30;
.
Just have a look at it and see if you find anything interesting

No. Time Source Destination Protocol Info
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 116
Identification: 0x7529 (29993)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc938 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55835 (55835)
Source port: domain (53)
Destination port: 55835 (55835)
Length: 96
Checksum: 0x3c89 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 89]
[Time: 0.000267000 seconds]
Transaction I
0xb815
Flags: 0x8580 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .1.. .... .... = Authoritative: Server is an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 1
Additional RRs: 0
Queries
feu01.ps3.update.playstation.net: type A, class IN
Name: feu01.ps3.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
feu01.ps3.update.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: feu01.ps3.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
ps3.update.playstation.net: type NS, class IN, ns ps3proxy
Name: ps3.update.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
91 36.185879 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 91 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347147000
[Time delta from previous captured frame: 0.000390000 seconds]
[Time delta from previous displayed frame: 0.000390000 seconds]
[Time since reference or first frame: 36.185879000 seconds]
Frame Number: 91
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0x8468 (33896)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7a38 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 0, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Message: Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x9a90 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
92 36.185924 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
Frame 92 (58 bytes on wire, 58 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347192000
[Time delta from previous captured frame: 0.000045000 seconds]
[Time delta from previous displayed frame: 0.000045000 seconds]
[Time since reference or first frame: 36.185924000 seconds]
Frame Number: 92
Frame Length: 58 bytes
Capture Length: 58 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 44
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xfeb4 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 24 bytes
Flags: 0x12 (SYN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port http]
[Message: Connection establish acknowledge (SYN+ACK): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x3c36 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (4 bytes)
Maximum segment size: 1460 bytes
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 91]
[The RTT to ACK the segment was: 0.000045000 seconds]
No. Time Source Destination Protocol Info
93 36.186158 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0
Frame 93 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347426000
[Time delta from previous captured frame: 0.000234000 seconds]
[Time delta from previous displayed frame: 0.000234000 seconds]
[Time since reference or first frame: 36.186158000 seconds]
Frame Number: 93
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0xefe2 (61410)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x0ed6 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 1, Ack: 1, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb55c [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 92]
[The RTT to ACK the segment was: 0.000234000 seconds]
No. Time Source Destination Protocol Info
94 36.186449 ps3.ps3.ps3.ps3 prxy.dns.fake.http HTTP GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
Frame 94 (249 bytes on wire, 249 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347717000
[Time delta from previous captured frame: 0.000291000 seconds]
[Time delta from previous displayed frame: 0.000291000 seconds]
[Time since reference or first frame: 36.186449000 seconds]
Frame Number: 94
Frame Length: 249 bytes
Capture Length: 249 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:http]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 235
Identification: 0xca45 (51781)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x33b0 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 1, Ack: 1, Len: 195
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
[Next sequence number: 196 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x1be0 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[Number of bytes in flight: 195]
Hypertext Transfer Protocol
GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
[Expert Info (Chat/Sequence): GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
]
[Message: GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /update/ps3/list/eu/ps3-updatelist.txt
Request Version: HTTP/1.1
Host: feu01.ps3.update.playstation.net
Connection: Keep-Alive
Accept-Encoding: identity
User-Agent: PS3Update-agent/1.0.0 libhttp/1.0.0
No. Time Source Destination Protocol Info
95 36.186486 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [ACK] Seq=1 Ack=196 Win=6432 Len=0
Frame 95 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347754000
[Time delta from previous captured frame: 0.000037000 seconds]
[Time delta from previous displayed frame: 0.000037000 seconds]
[Time since reference or first frame: 36.186486000 seconds]
Frame Number: 95
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x7fb4 (32692)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7f04 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 1, Ack: 196, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6432
Checksum: 0x3c32 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 94]
[The RTT to ACK the segment was: 0.000037000 seconds]
No. Time Source Destination Protocol Info
96 36.186831 prxy.dns.fake.http ps3.ps3.ps3.ps3 HTTP HTTP/1.1 200 OK (text/plain)
Frame 96 (535 bytes on wire, 535 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.348099000
[Time delta from previous captured frame: 0.000345000 seconds]
[Time delta from previous displayed frame: 0.000345000 seconds]
[Time since reference or first frame: 36.186831000 seconds]
Frame Number: 96
Frame Length: 535 bytes
Capture Length: 535 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:http:data-text-lines]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 521
Identification: 0x7fb5 (32693)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7d22 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 1, Ack: 196, Len: 481
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
[Next sequence number: 482 (relative sequence number)]
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6432
Checksum: 0x3e13 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[Number of bytes in flight: 481]
Hypertext Transfer Protocol
HTTP/1.1 200 OK
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK
]
[Message: HTTP/1.1 200 OK
]
[Severity level: Chat]
[Group: Sequence]
Request Version: HTTP/1.1
Response Code: 200
Date: Fri, 11 Feb 2011 16:03:41 GMT
Server: Apache/2.2.16 (Ubuntu)
Last-Modified: Wed, 09 Feb 2011 12:56:33 GMT
ETag: "cf7bf-a6-49bd8fe926051"
Accept-Ranges: bytes
Content-Length: 166
[Content length: 166]
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain
Line-based text data: text/plain
# EU\n
Dest=85;CompatibleSystemSoftwareVersion=3.5500-;\n
Dest=85;ImageVersion=0000b99c;SystemSoftwareVersion=3.5500;CDN=https://prxy.dns.fake.http/PS3UPDAT.PUP;CDN_Timeout=30;\n
\n
No. Time Source Destination Protocol Info
97 36.234754 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A auth.np.ac.playstation.net
Frame 97 (86 bytes on wire, 86 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.396022000
[Time delta from previous captured frame: 0.047923000 seconds]
[Time delta from previous displayed frame: 0.047923000 seconds]
[Time since reference or first frame: 36.234754000 seconds]
Frame Number: 97
Frame Length: 86 bytes
Capture Length: 86 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 72
Identification: 0xd6fe (5503
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x678f [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55834 (55834), Dst Port: domain (53)
Source port: 55834 (55834)
Destination port: domain (53)
Length: 52
Checksum: 0xaf4f [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 98]
Transaction I
0x2270
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
auth.np.ac.playstation.net: type A, class IN
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
98 36.235009 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response A 199.108.4.73
Frame 98 (102 bytes on wire, 102 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.396277000
[Time delta from previous captured frame: 0.000255000 seconds]
[Time delta from previous displayed frame: 0.000255000 seconds]
[Time since reference or first frame: 36.235009000 seconds]
Frame Number: 98
Frame Length: 102 bytes
Capture Length: 102 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 88
Identification: 0x752a (29994)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc953 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55834 (55834)
Source port: domain (53)
Destination port: 55834 (55834)
Length: 68
Checksum: 0x3c6d [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 97]
[Time: 0.000255000 seconds]
Transaction I
0x2270
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 0
Additional RRs: 0
Queries
auth.np.ac.playstation.net: type A, class IN
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
auth.np.ac.playstation.net: type A, class IN, addr 199.108.4.73
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 31 minutes, 23 seconds
Data length: 4
Addr: 199.108.4.73
No. Time Source Destination Protocol Info
101 36.377165 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=196 Ack=482 Win=65535 Len=0
Frame 101 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.538433000
[Time delta from previous captured frame: 0.037401000 seconds]
[Time delta from previous displayed frame: 0.142156000 seconds]
[Time since reference or first frame: 36.377165000 seconds]
Frame Number: 101
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x86a7 (34471)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7811 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 196, Ack: 482, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 196 (relative sequence number)
Acknowledgement number: 482 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb2b8 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 96]
[The RTT to ACK the segment was: 0.190334000 seconds]
No. Time Source Destination Protocol Info
103 38.820981 ps3.ps3.ps3.ps3 prxy.dns.fake.http STUN Message: Binding Request
Frame 103 (98 bytes on wire, 98 bytes captured)
Arrival Time: Feb 11, 2011 17:03:43.982249000
[Time delta from previous captured frame: 1.960515000 seconds]
[Time delta from previous displayed frame: 2.443816000 seconds]
[Time since reference or first frame: 38.820981000 seconds]
Frame Number: 103
Frame Length: 98 bytes
Capture Length: 98 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:stun]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xf538 (62776)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x4949 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
104 38.821036 prxy.dns.fake.http ps3.ps3.ps3.ps3 ICMP Destination unreachable (Port unreachable)
Frame 104 (126 bytes on wire, 126 bytes captured)
Arrival Time: Feb 11, 2011 17:03:43.982304000
[Time delta from previous captured frame: 0.000055000 seconds]
[Time delta from previous displayed frame: 0.000055000 seconds]
[Time since reference or first frame: 38.821036000 seconds]
Frame Number: 104
Frame Length: 126 bytes
Capture Length: 126 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:icmp:ip:udp:stun]
[Coloring Rule Name: ICMP errors]
[Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 112
Identification: 0x752b (29995)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: ICMP (0x01)
Header checksum: 0xc88a [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x3966 [correct]
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xf538 (62776)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x4949 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
119 45.222458 ps3.ps3.ps3.ps3 prxy.dns.fake.http STUN Message: Binding Request
Frame 119 (98 bytes on wire, 98 bytes captured)
Arrival Time: Feb 11, 2011 17:03:50.383726000
[Time delta from previous captured frame: 2.166652000 seconds]
[Time delta from previous displayed frame: 6.401422000 seconds]
[Time since reference or first frame: 45.222458000 seconds]
Frame Number: 119
Frame Length: 98 bytes
Capture Length: 98 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:stun]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xadd2 (4449
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x90af [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
120 45.222523 prxy.dns.fake.http ps3.ps3.ps3.ps3 ICMP Destination unreachable (Port unreachable)
Frame 120 (126 bytes on wire, 126 bytes captured)
Arrival Time: Feb 11, 2011 17:03:50.383791000
[Time delta from previous captured frame: 0.000065000 seconds]
[Time delta from previous displayed frame: 0.000065000 seconds]
[Time since reference or first frame: 45.222523000 seconds]
Frame Number: 120
Frame Length: 126 bytes
Capture Length: 126 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:icmp:ip:udp:stun]
[Coloring Rule Name: ICMP errors]
[Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 112
Identification: 0x752c (29996)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: ICMP (0x01)
Header checksum: 0xc889 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x3966 [correct]
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xadd2 (4449
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x90af [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
125 51.200308 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [FIN, ACK] Seq=482 Ack=196 Win=6432 Len=0
Frame 125 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.361576000
[Time delta from previous captured frame: 3.128568000 seconds]
[Time delta from previous displayed frame: 5.977785000 seconds]
[Time since reference or first frame: 51.200308000 seconds]
Frame Number: 125
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x7fb6 (32694)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7f02 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 482, Ack: 196, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 482 (relative sequence number)
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x11 (FIN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
[Expert Info (Chat/Sequence): Connection finish (FIN)]
[Message: Connection finish (FIN)]
[Severity level: Chat]
[Group: Sequence]
Window size: 6432
Checksum: 0x3c32 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 101]
[The RTT to ACK the segment was: 14.823143000 seconds]
No. Time Source Destination Protocol Info
126 51.200532 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=196 Ack=483 Win=65535 Len=0
Frame 126 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.361800000
[Time delta from previous captured frame: 0.000224000 seconds]
[Time delta from previous displayed frame: 0.000224000 seconds]
[Time since reference or first frame: 51.200532000 seconds]
Frame Number: 126
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0xf1e8 (6192
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x0cd0 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 196, Ack: 483, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 196 (relative sequence number)
Acknowledgement number: 483 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb2b7 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 125]
[The RTT to ACK the segment was: 0.000224000 seconds]
No. Time Source Destination Protocol Info
163 51.710222 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A ena.net.playstation.net
Frame 163 (83 bytes on wire, 83 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.871490000
[Time delta from previous captured frame: 0.120066000 seconds]
[Time delta from previous displayed frame: 0.509690000 seconds]
[Time since reference or first frame: 51.710222000 seconds]
Frame Number: 163
Frame Length: 83 bytes
Capture Length: 83 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 69
Identification: 0xfc76 (64630)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x421a [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55833 (55833), Dst Port: domain (53)
Source port: 55833 (55833)
Destination port: domain (53)
Length: 49
Checksum: 0xab43 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 164]
Transaction I
0xadd7
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
ena.net.playstation.net: type A, class IN
Name: ena.net.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
164 51.710502 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response CNAME gp02.fp.playstation.net A prxy.dns.fake.http
Frame 164 (143 bytes on wire, 143 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.871770000
[Time delta from previous captured frame: 0.000280000 seconds]
[Time delta from previous displayed frame: 0.000280000 seconds]
[Time since reference or first frame: 51.710502000 seconds]
Frame Number: 164
Frame Length: 143 bytes
Capture Length: 143 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 129
Identification: 0x752d (29997)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc927 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55833 (55833)
Source port: domain (53)
Destination port: 55833 (55833)
Length: 109
Checksum: 0x3c96 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 163]
[Time: 0.000280000 seconds]
Transaction I
0xadd7
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 1
Additional RRs: 0
Queries
ena.net.playstation.net: type A, class IN
Name: ena.net.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
ena.net.playstation.net: type CNAME, class IN, cname gp02.fp.playstation.net
Name: ena.net.playstation.net
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 33 minutes, 21 seconds
Data length: 10
Primary name: gp02.fp.playstation.net
gp02.fp.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: gp02.fp.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
fp.playstation.net: type NS, class IN, ns ps3proxy
Name: fp.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
165 51.710804 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64777 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 165 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.872072000
[Time delta from previous captured frame: 0.000302000 seconds]
[Time delta from previous displayed frame: 0.000302000 seconds]
[Time since reference or first frame: 51.710804000 seconds]
Frame Number: 165
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: TCP SYN/FIN]
[Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0x8a80 (35456)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7420 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64777 (64777), Dst Port: https (443), Seq: 0, Len: 0
Source port: 64777 (64777)
Destination port: https (443)
[Stream index: 20]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port https]
[Message: Connection establish request (SYN): server port https]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xde8f [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
166 51.710833 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP https > 64777 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
Frame 166 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.872101000
[Time delta from previous captured frame: 0.000029000 seconds]
[Time delta from previous displayed frame: 0.000029000 seconds]
[Time since reference or first frame: 51.710833000 seconds]
Frame Number: 166
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: TCP RST]
[Coloring Rule String: tcp.flags.reset eq 1]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xfeb8 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: https (443), Dst Port: 64777 (64777), Seq: 1, Ack: 1, Len: 0
Source port: https (443)
Destination port: 64777 (64777)
[Stream index: 20]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x14 (RST, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .1.. = Reset: Set
[Expert Info (Chat/Sequence): Connection reset (RST)]
[Message: Connection reset (RST)]
[Severity level: Chat]
[Group: Sequence]
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 0
Checksum: 0x585e [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 165]
[The RTT to ACK the segment was: 0.000029000 seconds]
No. Time Source Destination Protocol Info
208 73.816052 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A xmb.dl.playstation.net
Frame 208 (82 bytes on wire, 82 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.977320000
[Time delta from previous captured frame: 3.042345000 seconds]
[Time delta from previous displayed frame: 22.105219000 seconds]
[Time since reference or first frame: 73.816052000 seconds]
Frame Number: 208
Frame Length: 82 bytes
Capture Length: 82 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 68
Identification: 0xbc1c (48156)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x8275 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55832 (55832), Dst Port: domain (53)
Source port: 55832 (55832)
Destination port: domain (53)
Length: 48
Checksum: 0xab9a [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 211]
Transaction I
0xfc99
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
xmb.dl.playstation.net: type A, class IN
Name: xmb.dl.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
211 73.827337 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response CNAME l02.cdn.update.playstation.net A prxy.dns.fake.http
Frame 211 (149 bytes on wire, 149 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.988605000
[Time delta from previous captured frame: 0.000420000 seconds]
[Time delta from previous displayed frame: 0.011285000 seconds]
[Time since reference or first frame: 73.827337000 seconds]
Frame Number: 211
Frame Length: 149 bytes
Capture Length: 149 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 135
Identification: 0x752e (2999
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc920 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55832 (55832)
Source port: domain (53)
Destination port: 55832 (55832)
Length: 115
Checksum: 0x3c9c [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 208]
[Time: 0.011285000 seconds]
Transaction I
0xfc99
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 1
Additional RRs: 0
Queries
xmb.dl.playstation.net: type A, class IN
Name: xmb.dl.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
xmb.dl.playstation.net: type CNAME, class IN, cname l02.cdn.update.playstation.net
Name: xmb.dl.playstation.net
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 58 minutes, 41 seconds
Data length: 17
Primary name: l02.cdn.update.playstation.net
l02.cdn.update.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: l02.cdn.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
cdn.update.playstation.net: type NS, class IN, ns ps3proxy
Name: cdn.update.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
212 73.827707 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64776 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 212 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.988975000
[Time delta from previous captured frame: 0.000370000 seconds]
[Time delta from previous displayed frame: 0.000370000 seconds]
[Time since reference or first frame: 73.827707000 seconds]
Frame Number: 212
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0xbf7b (49019)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x3f25 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64776 (64776), Dst Port: http (80), Seq: 0, Len: 0
Source port: 64776 (64776)
Destination port: http (80)
[Stream index: 26]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Message: Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x53b5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
213 73.827757 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64776 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460

No. Time Source Destination Protocol Info
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 116
Identification: 0x7529 (29993)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc938 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55835 (55835)
Source port: domain (53)
Destination port: 55835 (55835)
Length: 96
Checksum: 0x3c89 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 89]
[Time: 0.000267000 seconds]
Transaction I
0xb815
Flags: 0x8580 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .1.. .... .... = Authoritative: Server is an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 1
Additional RRs: 0
Queries
feu01.ps3.update.playstation.net: type A, class IN
Name: feu01.ps3.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
feu01.ps3.update.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: feu01.ps3.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
ps3.update.playstation.net: type NS, class IN, ns ps3proxy
Name: ps3.update.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
91 36.185879 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 91 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347147000
[Time delta from previous captured frame: 0.000390000 seconds]
[Time delta from previous displayed frame: 0.000390000 seconds]
[Time since reference or first frame: 36.185879000 seconds]
Frame Number: 91
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0x8468 (33896)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7a38 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 0, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Message: Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x9a90 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
92 36.185924 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
Frame 92 (58 bytes on wire, 58 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347192000
[Time delta from previous captured frame: 0.000045000 seconds]
[Time delta from previous displayed frame: 0.000045000 seconds]
[Time since reference or first frame: 36.185924000 seconds]
Frame Number: 92
Frame Length: 58 bytes
Capture Length: 58 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 44
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xfeb4 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 24 bytes
Flags: 0x12 (SYN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port http]
[Message: Connection establish acknowledge (SYN+ACK): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x3c36 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (4 bytes)
Maximum segment size: 1460 bytes
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 91]
[The RTT to ACK the segment was: 0.000045000 seconds]
No. Time Source Destination Protocol Info
93 36.186158 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0
Frame 93 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347426000
[Time delta from previous captured frame: 0.000234000 seconds]
[Time delta from previous displayed frame: 0.000234000 seconds]
[Time since reference or first frame: 36.186158000 seconds]
Frame Number: 93
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0xefe2 (61410)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x0ed6 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 1, Ack: 1, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb55c [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 92]
[The RTT to ACK the segment was: 0.000234000 seconds]
No. Time Source Destination Protocol Info
94 36.186449 ps3.ps3.ps3.ps3 prxy.dns.fake.http HTTP GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
Frame 94 (249 bytes on wire, 249 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347717000
[Time delta from previous captured frame: 0.000291000 seconds]
[Time delta from previous displayed frame: 0.000291000 seconds]
[Time since reference or first frame: 36.186449000 seconds]
Frame Number: 94
Frame Length: 249 bytes
Capture Length: 249 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:http]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 235
Identification: 0xca45 (51781)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x33b0 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 1, Ack: 1, Len: 195
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
[Next sequence number: 196 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x1be0 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[Number of bytes in flight: 195]
Hypertext Transfer Protocol
GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
[Expert Info (Chat/Sequence): GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
]
[Message: GET /update/ps3/list/eu/ps3-updatelist.txt HTTP/1.1
]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: /update/ps3/list/eu/ps3-updatelist.txt
Request Version: HTTP/1.1
Host: feu01.ps3.update.playstation.net
Connection: Keep-Alive
Accept-Encoding: identity
User-Agent: PS3Update-agent/1.0.0 libhttp/1.0.0
No. Time Source Destination Protocol Info
95 36.186486 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [ACK] Seq=1 Ack=196 Win=6432 Len=0
Frame 95 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.347754000
[Time delta from previous captured frame: 0.000037000 seconds]
[Time delta from previous displayed frame: 0.000037000 seconds]
[Time since reference or first frame: 36.186486000 seconds]
Frame Number: 95
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x7fb4 (32692)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7f04 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 1, Ack: 196, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6432
Checksum: 0x3c32 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 94]
[The RTT to ACK the segment was: 0.000037000 seconds]
No. Time Source Destination Protocol Info
96 36.186831 prxy.dns.fake.http ps3.ps3.ps3.ps3 HTTP HTTP/1.1 200 OK (text/plain)
Frame 96 (535 bytes on wire, 535 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.348099000
[Time delta from previous captured frame: 0.000345000 seconds]
[Time delta from previous displayed frame: 0.000345000 seconds]
[Time since reference or first frame: 36.186831000 seconds]
Frame Number: 96
Frame Length: 535 bytes
Capture Length: 535 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp:http:data-text-lines]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 521
Identification: 0x7fb5 (32693)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7d22 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 1, Ack: 196, Len: 481
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 1 (relative sequence number)
[Next sequence number: 482 (relative sequence number)]
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 6432
Checksum: 0x3e13 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[Number of bytes in flight: 481]
Hypertext Transfer Protocol
HTTP/1.1 200 OK
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK
]
[Message: HTTP/1.1 200 OK
]
[Severity level: Chat]
[Group: Sequence]
Request Version: HTTP/1.1
Response Code: 200
Date: Fri, 11 Feb 2011 16:03:41 GMT
Server: Apache/2.2.16 (Ubuntu)
Last-Modified: Wed, 09 Feb 2011 12:56:33 GMT
ETag: "cf7bf-a6-49bd8fe926051"
Accept-Ranges: bytes
Content-Length: 166
[Content length: 166]
Vary: Accept-Encoding
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/plain
Line-based text data: text/plain
# EU\n
Dest=85;CompatibleSystemSoftwareVersion=3.5500-;\n
Dest=85;ImageVersion=0000b99c;SystemSoftwareVersion=3.5500;CDN=https://prxy.dns.fake.http/PS3UPDAT.PUP;CDN_Timeout=30;\n
\n
No. Time Source Destination Protocol Info
97 36.234754 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A auth.np.ac.playstation.net
Frame 97 (86 bytes on wire, 86 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.396022000
[Time delta from previous captured frame: 0.047923000 seconds]
[Time delta from previous displayed frame: 0.047923000 seconds]
[Time since reference or first frame: 36.234754000 seconds]
Frame Number: 97
Frame Length: 86 bytes
Capture Length: 86 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 72
Identification: 0xd6fe (5503
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x678f [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55834 (55834), Dst Port: domain (53)
Source port: 55834 (55834)
Destination port: domain (53)
Length: 52
Checksum: 0xaf4f [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 98]
Transaction I
0x2270
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
auth.np.ac.playstation.net: type A, class IN
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
98 36.235009 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response A 199.108.4.73
Frame 98 (102 bytes on wire, 102 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.396277000
[Time delta from previous captured frame: 0.000255000 seconds]
[Time delta from previous displayed frame: 0.000255000 seconds]
[Time since reference or first frame: 36.235009000 seconds]
Frame Number: 98
Frame Length: 102 bytes
Capture Length: 102 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 88
Identification: 0x752a (29994)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc953 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55834 (55834)
Source port: domain (53)
Destination port: 55834 (55834)
Length: 68
Checksum: 0x3c6d [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 97]
[Time: 0.000255000 seconds]
Transaction I
0x2270
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 1
Authority RRs: 0
Additional RRs: 0
Queries
auth.np.ac.playstation.net: type A, class IN
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
auth.np.ac.playstation.net: type A, class IN, addr 199.108.4.73
Name: auth.np.ac.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 31 minutes, 23 seconds
Data length: 4
Addr: 199.108.4.73
No. Time Source Destination Protocol Info
101 36.377165 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=196 Ack=482 Win=65535 Len=0
Frame 101 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:41.538433000
[Time delta from previous captured frame: 0.037401000 seconds]
[Time delta from previous displayed frame: 0.142156000 seconds]
[Time since reference or first frame: 36.377165000 seconds]
Frame Number: 101
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x86a7 (34471)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7811 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 196, Ack: 482, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 196 (relative sequence number)
Acknowledgement number: 482 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb2b8 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 96]
[The RTT to ACK the segment was: 0.190334000 seconds]
No. Time Source Destination Protocol Info
103 38.820981 ps3.ps3.ps3.ps3 prxy.dns.fake.http STUN Message: Binding Request
Frame 103 (98 bytes on wire, 98 bytes captured)
Arrival Time: Feb 11, 2011 17:03:43.982249000
[Time delta from previous captured frame: 1.960515000 seconds]
[Time delta from previous displayed frame: 2.443816000 seconds]
[Time since reference or first frame: 38.820981000 seconds]
Frame Number: 103
Frame Length: 98 bytes
Capture Length: 98 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:stun]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xf538 (62776)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x4949 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
104 38.821036 prxy.dns.fake.http ps3.ps3.ps3.ps3 ICMP Destination unreachable (Port unreachable)
Frame 104 (126 bytes on wire, 126 bytes captured)
Arrival Time: Feb 11, 2011 17:03:43.982304000
[Time delta from previous captured frame: 0.000055000 seconds]
[Time delta from previous displayed frame: 0.000055000 seconds]
[Time since reference or first frame: 38.821036000 seconds]
Frame Number: 104
Frame Length: 126 bytes
Capture Length: 126 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:icmp:ip:udp:stun]
[Coloring Rule Name: ICMP errors]
[Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 112
Identification: 0x752b (29995)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: ICMP (0x01)
Header checksum: 0xc88a [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x3966 [correct]
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xf538 (62776)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x4949 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
119 45.222458 ps3.ps3.ps3.ps3 prxy.dns.fake.http STUN Message: Binding Request
Frame 119 (98 bytes on wire, 98 bytes captured)
Arrival Time: Feb 11, 2011 17:03:50.383726000
[Time delta from previous captured frame: 2.166652000 seconds]
[Time delta from previous displayed frame: 6.401422000 seconds]
[Time since reference or first frame: 45.222458000 seconds]
Frame Number: 119
Frame Length: 98 bytes
Capture Length: 98 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:stun]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xadd2 (4449
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x90af [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
120 45.222523 prxy.dns.fake.http ps3.ps3.ps3.ps3 ICMP Destination unreachable (Port unreachable)
Frame 120 (126 bytes on wire, 126 bytes captured)
Arrival Time: Feb 11, 2011 17:03:50.383791000
[Time delta from previous captured frame: 0.000065000 seconds]
[Time delta from previous displayed frame: 0.000065000 seconds]
[Time since reference or first frame: 45.222523000 seconds]
Frame Number: 120
Frame Length: 126 bytes
Capture Length: 126 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:icmp:ip:udp:stun]
[Coloring Rule Name: ICMP errors]
[Coloring Rule String: icmp.type eq 3 || icmp.type eq 4 || icmp.type eq 5 || icmp.type eq 11]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 112
Identification: 0x752c (29996)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: ICMP (0x01)
Header checksum: 0xc889 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (Port unreachable)
Checksum: 0x3966 [correct]
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 84
Identification: 0xadd2 (4449
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x90af [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55836 (55836), Dst Port: stun (347
Source port: 55836 (55836)
Destination port: stun (347
Length: 64
Checksum: 0x8de5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Simple Traversal of UDP Through NAT
Message Type: Binding Request (0x0001)
Message Length: 0x0024
Message Transaction I
A2E8CB3F8CC4DB1332AED2CCCF3333F3
Attributes
Attribute: XOR_ONLY
Attribute Type: XOR_ONLY (0x0021)
Attribute Length: 0
Attribute: USERNAME
Attribute Type: USERNAME (0x0006)
Attribute Length: 4
Value: 00000001
Attribute: MESSAGE-INTEGRITY
Attribute Type: MESSAGE-INTEGRITY (0x000
Attribute Length: 20
Value: BA779C331E3E0EE60478BDF30125A534A6D8DB40
No. Time Source Destination Protocol Info
125 51.200308 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64780 [FIN, ACK] Seq=482 Ack=196 Win=6432 Len=0
Frame 125 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.361576000
[Time delta from previous captured frame: 3.128568000 seconds]
[Time delta from previous displayed frame: 5.977785000 seconds]
[Time since reference or first frame: 51.200308000 seconds]
Frame Number: 125
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x7fb6 (32694)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7f02 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: http (80), Dst Port: 64780 (64780), Seq: 482, Ack: 196, Len: 0
Source port: http (80)
Destination port: 64780 (64780)
[Stream index: 10]
Sequence number: 482 (relative sequence number)
Acknowledgement number: 196 (relative ack number)
Header length: 20 bytes
Flags: 0x11 (FIN, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...1 = Fin: Set
[Expert Info (Chat/Sequence): Connection finish (FIN)]
[Message: Connection finish (FIN)]
[Severity level: Chat]
[Group: Sequence]
Window size: 6432
Checksum: 0x3c32 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 101]
[The RTT to ACK the segment was: 14.823143000 seconds]
No. Time Source Destination Protocol Info
126 51.200532 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64780 > http [ACK] Seq=196 Ack=483 Win=65535 Len=0
Frame 126 (60 bytes on wire, 60 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.361800000
[Time delta from previous captured frame: 0.000224000 seconds]
[Time delta from previous displayed frame: 0.000224000 seconds]
[Time since reference or first frame: 51.200532000 seconds]
Frame Number: 126
Frame Length: 60 bytes
Capture Length: 60 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Trailer: 000000000000
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0xf1e8 (6192
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x0cd0 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64780 (64780), Dst Port: http (80), Seq: 196, Ack: 483, Len: 0
Source port: 64780 (64780)
Destination port: http (80)
[Stream index: 10]
Sequence number: 196 (relative sequence number)
Acknowledgement number: 483 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xb2b7 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 125]
[The RTT to ACK the segment was: 0.000224000 seconds]
No. Time Source Destination Protocol Info
163 51.710222 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A ena.net.playstation.net
Frame 163 (83 bytes on wire, 83 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.871490000
[Time delta from previous captured frame: 0.120066000 seconds]
[Time delta from previous displayed frame: 0.509690000 seconds]
[Time since reference or first frame: 51.710222000 seconds]
Frame Number: 163
Frame Length: 83 bytes
Capture Length: 83 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 69
Identification: 0xfc76 (64630)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x421a [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55833 (55833), Dst Port: domain (53)
Source port: 55833 (55833)
Destination port: domain (53)
Length: 49
Checksum: 0xab43 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 164]
Transaction I
0xadd7
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
ena.net.playstation.net: type A, class IN
Name: ena.net.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
164 51.710502 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response CNAME gp02.fp.playstation.net A prxy.dns.fake.http
Frame 164 (143 bytes on wire, 143 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.871770000
[Time delta from previous captured frame: 0.000280000 seconds]
[Time delta from previous displayed frame: 0.000280000 seconds]
[Time since reference or first frame: 51.710502000 seconds]
Frame Number: 164
Frame Length: 143 bytes
Capture Length: 143 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 129
Identification: 0x752d (29997)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc927 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55833 (55833)
Source port: domain (53)
Destination port: 55833 (55833)
Length: 109
Checksum: 0x3c96 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 163]
[Time: 0.000280000 seconds]
Transaction I
0xadd7
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 1
Additional RRs: 0
Queries
ena.net.playstation.net: type A, class IN
Name: ena.net.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
ena.net.playstation.net: type CNAME, class IN, cname gp02.fp.playstation.net
Name: ena.net.playstation.net
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 33 minutes, 21 seconds
Data length: 10
Primary name: gp02.fp.playstation.net
gp02.fp.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: gp02.fp.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
fp.playstation.net: type NS, class IN, ns ps3proxy
Name: fp.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
165 51.710804 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64777 > https [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 165 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.872072000
[Time delta from previous captured frame: 0.000302000 seconds]
[Time delta from previous displayed frame: 0.000302000 seconds]
[Time since reference or first frame: 51.710804000 seconds]
Frame Number: 165
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: TCP SYN/FIN]
[Coloring Rule String: tcp.flags & 0x02 || tcp.flags.fin == 1]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0x8a80 (35456)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x7420 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64777 (64777), Dst Port: https (443), Seq: 0, Len: 0
Source port: 64777 (64777)
Destination port: https (443)
[Stream index: 20]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port https]
[Message: Connection establish request (SYN): server port https]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0xde8f [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
166 51.710833 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP https > 64777 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
Frame 166 (54 bytes on wire, 54 bytes captured)
Arrival Time: Feb 11, 2011 17:03:56.872101000
[Time delta from previous captured frame: 0.000029000 seconds]
[Time delta from previous displayed frame: 0.000029000 seconds]
[Time since reference or first frame: 51.710833000 seconds]
Frame Number: 166
Frame Length: 54 bytes
Capture Length: 54 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: TCP RST]
[Coloring Rule String: tcp.flags.reset eq 1]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 40
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0xfeb8 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Transmission Control Protocol, Src Port: https (443), Dst Port: 64777 (64777), Seq: 1, Ack: 1, Len: 0
Source port: https (443)
Destination port: 64777 (64777)
[Stream index: 20]
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x14 (RST, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgement: Set
.... 0... = Push: Not set
.... .1.. = Reset: Set
[Expert Info (Chat/Sequence): Connection reset (RST)]
[Message: Connection reset (RST)]
[Severity level: Chat]
[Group: Sequence]
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 0
Checksum: 0x585e [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 165]
[The RTT to ACK the segment was: 0.000029000 seconds]
No. Time Source Destination Protocol Info
208 73.816052 ps3.ps3.ps3.ps3 prxy.dns.fake.http DNS Standard query A xmb.dl.playstation.net
Frame 208 (82 bytes on wire, 82 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.977320000
[Time delta from previous captured frame: 3.042345000 seconds]
[Time delta from previous displayed frame: 22.105219000 seconds]
[Time since reference or first frame: 73.816052000 seconds]
Frame Number: 208
Frame Length: 82 bytes
Capture Length: 82 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 68
Identification: 0xbc1c (48156)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0x8275 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
User Datagram Protocol, Src Port: 55832 (55832), Dst Port: domain (53)
Source port: 55832 (55832)
Destination port: domain (53)
Length: 48
Checksum: 0xab9a [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
[Response In: 211]
Transaction I
0xfc99
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
xmb.dl.playstation.net: type A, class IN
Name: xmb.dl.playstation.net
Type: A (Host address)
Class: IN (0x0001)
No. Time Source Destination Protocol Info
211 73.827337 prxy.dns.fake.http ps3.ps3.ps3.ps3 DNS Standard query response CNAME l02.cdn.update.playstation.net A prxy.dns.fake.http
Frame 211 (149 bytes on wire, 149 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.988605000
[Time delta from previous captured frame: 0.000420000 seconds]
[Time delta from previous displayed frame: 0.011285000 seconds]
[Time since reference or first frame: 73.827337000 seconds]
Frame Number: 211
Frame Length: 149 bytes
Capture Length: 149 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Wistron_11:6d:b2 (mac:ps3:mac:ps3), Dst: a:mac:add:re:ss (a:mac:add:re:ss)
Destination: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: prxy.dns.fake.http (prxy.dns.fake.http), Dst: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 135
Identification: 0x752e (2999
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: UDP (0x11)
Header checksum: 0xc920 [correct]
[Good: True]
[Bad : False]
Source: prxy.dns.fake.http (prxy.dns.fake.http)
Destination: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
User Datagram Protocol, Src Port: domain (53), Dst Port: 55832 (55832)
Source port: domain (53)
Destination port: 55832 (55832)
Length: 115
Checksum: 0x3c9c [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (response)
[Request In: 208]
[Time: 0.011285000 seconds]
Transaction I
0xfc99
Flags: 0x8180 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
Questions: 1
Answer RRs: 2
Authority RRs: 1
Additional RRs: 0
Queries
xmb.dl.playstation.net: type A, class IN
Name: xmb.dl.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Answers
xmb.dl.playstation.net: type CNAME, class IN, cname l02.cdn.update.playstation.net
Name: xmb.dl.playstation.net
Type: CNAME (Canonical name for an alias)
Class: IN (0x0001)
Time to live: 58 minutes, 41 seconds
Data length: 17
Primary name: l02.cdn.update.playstation.net
l02.cdn.update.playstation.net: type A, class IN, addr prxy.dns.fake.http
Name: l02.cdn.update.playstation.net
Type: A (Host address)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 4
Addr: prxy.dns.fake.http
Authoritative nameservers
cdn.update.playstation.net: type NS, class IN, ns ps3proxy
Name: cdn.update.playstation.net
Type: NS (Authoritative name server)
Class: IN (0x0001)
Time to live: 10 hours, 40 minutes
Data length: 10
Name server: ps3proxy
No. Time Source Destination Protocol Info
212 73.827707 ps3.ps3.ps3.ps3 prxy.dns.fake.http TCP 64776 > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
Frame 212 (78 bytes on wire, 78 bytes captured)
Arrival Time: Feb 11, 2011 17:04:18.988975000
[Time delta from previous captured frame: 0.000370000 seconds]
[Time delta from previous displayed frame: 0.000370000 seconds]
[Time since reference or first frame: 73.827707000 seconds]
Frame Number: 212
Frame Length: 78 bytes
Capture Length: 78 bytes
[Frame is marked: True]
[Protocols in frame: eth:ip:tcp]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80]
Ethernet II, Src: a:mac:add:re:ss (a:mac:add:re:ss), Dst: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Destination: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
Address: Wistron_11:6d:b2 (mac:ps3:mac:ps3)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: a:mac:add:re:ss (a:mac:add:re:ss)
Address: a:mac:add:re:ss (a:mac:add:re:ss)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3), Dst: prxy.dns.fake.http (prxy.dns.fake.http)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 64
Identification: 0xbf7b (49019)
Flags: 0x02 (Don't Fragment)
0.. = Reserved bit: Not Set
.1. = Don't fragment: Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x3f25 [correct]
[Good: True]
[Bad : False]
Source: ps3.ps3.ps3.ps3 (ps3.ps3.ps3.ps3)
Destination: prxy.dns.fake.http (prxy.dns.fake.http)
Transmission Control Protocol, Src Port: 64776 (64776), Dst Port: http (80), Seq: 0, Len: 0
Source port: 64776 (64776)
Destination port: http (80)
[Stream index: 26]
Sequence number: 0 (relative sequence number)
Header length: 44 bytes
Flags: 0x02 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgement: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
[Expert Info (Chat/Sequence): Connection establish request (SYN): server port http]
[Message: Connection establish request (SYN): server port http]
[Severity level: Chat]
[Group: Sequence]
.... ...0 = Fin: Not set
Window size: 65535
Checksum: 0x53b5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (24 bytes)
Maximum segment size: 1460 bytes
NOP
Window scale: 0 (multiply by 1)
SACK permitted
NOP
NOP
NOP
NOP
Timestamps: TSval 0, TSecr 0
No. Time Source Destination Protocol Info
213 73.827757 prxy.dns.fake.http ps3.ps3.ps3.ps3 TCP http > 64776 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
Copyright © 2026, NextGenUpdate.
All Rights Reserved.