Description
- This is a normal P2P capture from a Debian Linux notebook in a home network. The goal of this capture is to help analyze P2P traffic. (The computer is considered normal because we checked it manually.)
- The capture started on 2013-12-17 at 23:09 hs
- IP of the normal computer: 10.0.0.46
- The actions of the normal computer were:
  - Use the Deluge P2P program from Linux to download some large files.
  - Navigate some web pages, including Twitter and YouTube.
  - Use Jabber.
  - All web pages were accessed with a Chrome browser.
- The traffic in the file is composed of all the packets coming to and from the machine and related packets from the router. The broadcast and multicast traffic was deleted, as well as the traffic from other hosts in the same network.
The mtr program generates all the .in-addr.arpa DNS requests seen in the capture; this is completely normal.
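To set the mtr reverse lookups aside when reviewing the DNS traffic, the following added example (not part of the original dataset description) decodes .in-addr.arpa query names back to the addresses they refer to and separates them from other queries. It assumes the DNS queries were already exported as (qtype, qname) pairs; the function names and the sample records are constructed for illustration.

```python
import ipaddress
from collections import Counter

SUFFIX = ".in-addr.arpa"


def ptr_to_ip(qname):
    """Return the IPv4 address encoded in a reverse-lookup name, or None."""
    name = qname.rstrip(".").lower()
    if not name.endswith(SUFFIX):
        return None
    labels = name[: -len(SUFFIX)].split(".")
    if len(labels) != 4:
        return None  # partial zone name or wrong label count
    try:
        # The labels are the octets in reverse order.
        return ipaddress.IPv4Address(".".join(reversed(labels)))
    except ipaddress.AddressValueError:
        return None  # labels are not valid octets


def split_queries(records):
    """Split (qtype, qname) records into reverse lookups and everything else."""
    reverse, other = Counter(), []
    for qtype, qname in records:
        ip = ptr_to_ip(qname) if qtype == "PTR" else None
        if ip is not None:
            reverse[ip] += 1
        else:
            other.append((qtype, qname))  # left for manual review
    return reverse, other


# Constructed sample records, not taken from the capture.
SAMPLE = [
    ("PTR", "1.0.0.10.in-addr.arpa."),
    ("A", "www.google.com."),
    ("PTR", "1.0.0.10.in-addr.arpa."),
    ("PTR", "1.2.0.192.in-addr.arpa"),
    ("PTR", "999.0.0.10.in-addr.arpa."),  # malformed octet
    ("A", "twitter.com."),
]

if __name__ == "__main__":
    reverse, other = split_queries(SAMPLE)
    for ip, count in reverse.most_common():
        print(f"reverse lookup for {ip}: {count} queries")
    for qtype, qname in other:
        print(f"review: {qtype} {qname}")
```

Malformed reverse names stay in the review list rather than being counted as ordinary mtr lookups.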
Timeline
Tue Dec 17 22:10:12 CET 2013
The P2P program was running for 1 hour before the capture started. At the beginning there is also an mtr instance sending ICMP packets to www.google.com.
At some point some web pages were opened, and the Pidgin IM client was also used.