Would anyway be able to have a look in the pcap of my computer as I am thinking my computer get attacked by a process keep sending out packet from my computer to DoS my network. I get errors in DNS very often and I simply cannot use the internet. asked 10 Apr '16, 18:31  Henrylalala edited 10 Apr '16, 18:33 |
One Answer:
You have limited the frame size during the capturing phase, so it's impossible to do any (deeper) analysis. From what I can see in the pcap: Your client (172.23.72.15) is sending a lot more requests to your DNS resolver (192.168.159.250) thaen it receives responses. That could be a sign for DNS problems. As I said: You've limited the frame size during the capturing phase, so any further analysis is not possible. Regards answered 19 Apr '16, 06:50  Kurt Knochner ♦ |
To help with this one you'd atleast have to posts the part(s) of the pcap you are concerned with.
As msmorten points out we could do with some indication of which packets you are concerned about.
Did you choose to capture the layer 4 headers only as none of the packets appear to have any data?
From the PCAP provided it certainly appears like something isn't working properly as there is no data in what appears to be DNS packets (It's UDP to port 53), or any packets for that matter.