Overview
OpenLDAPでLDAP(389)+SSL/TLSとLDAPSの通信を確認と比較をする。
Reference
Environment
LDAP Server
ctadmin@svr-ldap02:~$ slapd -V @(#) $OpenLDAP: slapd 2.5.16+dfsg-0ubuntu0.22.04.1 (Jul 31 2023 22:13:10) $ Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> ctadmin@svr-ldap02:~$
LDAP Client
ctadmin@client:~$ ldapsearch -V ldapsearch: @(#) $OpenLDAP: ldapsearch 2.5.16+dfsg-0ubuntu0.22.04.1 (Jul 31 2023 22:13:10) $ Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> (LDAP library: OpenLDAP 20516) ldap_sasl_interactive_bind: Can't contact LDAP server (-1) ctadmin@client:~$
LDAP(389)
Command and Result
ctadmin@client:~$ ldapsearch -H ldap://ldap.cavtime.com -D "cn=admin,dc=cavtime,dc=com" -b "cn=User01,ou=people,dc=cavtime,dc=com" -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <cn=User01,ou=people,dc=cavtime,dc=com> with scope subtree # filter: (objectclass=*) # requesting: ALL # # User01, people, cavtime.com dn: cn=User01,ou=people,dc=cavtime,dc=com objectClass: posixAccount objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person loginShell: /bin/bash homeDirectory: /home/user01 uid: user01 cn: User01 userPassword:: e1NTSEF9SWlwRzZvZC9vUW45NndNclJXblRIN2pENUpaNVlYb3c= uidNumber: 10001 gidNumber: 10000 sn: User01 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 ctadmin@client:~$
Packet List
No. Time Source Destination Protocol Length Info 42 11.051863 192.168.1.58 192.168.1.13 TCP 74 50602 → 389 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=318079163 TSecr=0 WS=128 43 11.051888 192.168.1.13 192.168.1.58 TCP 74 389 → 50602 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1122417641 TSecr=318079163 WS=128 44 11.052097 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=318079163 TSecr=1122417641 45 11.052213 192.168.1.58 192.168.1.13 LDAP 116 bindRequest(1) "cn=admin,dc=cavtime,dc=com" simple 46 11.052221 192.168.1.13 192.168.1.58 TCP 66 389 → 50602 [ACK] Seq=1 Ack=51 Win=65152 Len=0 TSval=1122417642 TSecr=318079163 47 11.052477 192.168.1.13 192.168.1.58 LDAP 80 bindResponse(1) success 48 11.052811 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=51 Ack=15 Win=64256 Len=0 TSval=318079164 TSecr=1122417642 49 11.052999 192.168.1.58 192.168.1.13 LDAP 142 searchRequest(2) "cn=User01,ou=people,dc=cavtime,dc=com" wholeSubtree 50 11.053487 192.168.1.13 192.168.1.58 LDAP 407 searchResEntry(2) "cn=User01,ou=people,dc=cavtime,dc=com" 51 11.053735 192.168.1.13 192.168.1.58 LDAP 80 searchResDone(2) success [1 result] 52 11.054151 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=127 Ack=370 Win=64128 Len=0 TSval=318079165 TSecr=1122417643 53 11.054256 192.168.1.58 192.168.1.13 LDAP 73 unbindRequest(3) 54 11.054256 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [FIN, ACK] Seq=134 Ack=370 Win=64128 Len=0 TSval=318079165 TSecr=1122417643 55 11.054401 192.168.1.13 192.168.1.58 TCP 66 389 → 50602 [FIN, ACK] Seq=370 Ack=135 Win=65152 Len=0 TSval=1122417644 TSecr=318079165 56 11.054633 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=135 Ack=371 Win=64128 Len=0 TSval=318079166 TSecr=1122417644
Packet Detail
No. Time Source Destination Protocol Length Info
42 11.051863 192.168.1.58 192.168.1.13 TCP 74 50602 → 389 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=318079163 TSecr=0 WS=128
Frame 42: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 0, Len: 0
No. Time Source Destination Protocol Length Info
43 11.051888 192.168.1.13 192.168.1.58 TCP 74 389 → 50602 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1122417641 TSecr=318079163 WS=128
Frame 43: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 0, Ack: 1, Len: 0
No. Time Source Destination Protocol Length Info
44 11.052097 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=318079163 TSecr=1122417641
Frame 44: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 1, Ack: 1, Len: 0
No. Time Source Destination Protocol Length Info
45 11.052213 192.168.1.58 192.168.1.13 LDAP 116 bindRequest(1) "cn=admin,dc=cavtime,dc=com" simple
Frame 45: 116 bytes on wire (928 bits), 116 bytes captured (928 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 1, Ack: 1, Len: 50
Lightweight Directory Access Protocol
LDAPMessage bindRequest(1) "cn=admin,dc=cavtime,dc=com" simple
messageID: 1
protocolOp: bindRequest (0)
bindRequest
version: 3
name: cn=admin,dc=cavtime,dc=com
authentication: simple (0)
simple: Media#0479
[Response In: 47]
No. Time Source Destination Protocol Length Info
46 11.052221 192.168.1.13 192.168.1.58 TCP 66 389 → 50602 [ACK] Seq=1 Ack=51 Win=65152 Len=0 TSval=1122417642 TSecr=318079163
Frame 46: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 1, Ack: 51, Len: 0
No. Time Source Destination Protocol Length Info
47 11.052477 192.168.1.13 192.168.1.58 LDAP 80 bindResponse(1) success
Frame 47: 80 bytes on wire (640 bits), 80 bytes captured (640 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 1, Ack: 51, Len: 14
Lightweight Directory Access Protocol
LDAPMessage bindResponse(1) success
messageID: 1
protocolOp: bindResponse (1)
bindResponse
resultCode: success (0)
matchedDN:
errorMessage:
[Response To: 45]
[Time: 0.000264000 seconds]
No. Time Source Destination Protocol Length Info
48 11.052811 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=51 Ack=15 Win=64256 Len=0 TSval=318079164 TSecr=1122417642
Frame 48: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 51, Ack: 15, Len: 0
No. Time Source Destination Protocol Length Info
49 11.052999 192.168.1.58 192.168.1.13 LDAP 142 searchRequest(2) "cn=User01,ou=people,dc=cavtime,dc=com" wholeSubtree
Frame 49: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 51, Ack: 15, Len: 76
Lightweight Directory Access Protocol
LDAPMessage searchRequest(2) "cn=User01,ou=people,dc=cavtime,dc=com" wholeSubtree
messageID: 2
protocolOp: searchRequest (3)
searchRequest
baseObject: cn=User01,ou=people,dc=cavtime,dc=com
scope: wholeSubtree (2)
derefAliases: neverDerefAliases (0)
sizeLimit: 0
timeLimit: 0
typesOnly: False
Filter: (objectclass=*)
filter: present (7)
present: objectclass
attributes: 0 items
[Response In: 50]
No. Time Source Destination Protocol Length Info
50 11.053487 192.168.1.13 192.168.1.58 LDAP 407 searchResEntry(2) "cn=User01,ou=people,dc=cavtime,dc=com"
Frame 50: 407 bytes on wire (3256 bits), 407 bytes captured (3256 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 15, Ack: 127, Len: 341
Lightweight Directory Access Protocol
LDAPMessage searchResEntry(2) "cn=User01,ou=people,dc=cavtime,dc=com" [1 result]
messageID: 2
protocolOp: searchResEntry (4)
searchResEntry
objectName: cn=User01,ou=people,dc=cavtime,dc=com
attributes: 9 items
PartialAttributeList item objectClass
type: objectClass
vals: 4 items
AttributeValue: posixAccount
AttributeValue: inetOrgPerson
AttributeValue: organizationalPerson
AttributeValue: person
PartialAttributeList item loginShell
type: loginShell
vals: 1 item
AttributeValue: /bin/bash
PartialAttributeList item homeDirectory
type: homeDirectory
vals: 1 item
AttributeValue: /home/user01
PartialAttributeList item uid
type: uid
vals: 1 item
AttributeValue: user01
PartialAttributeList item cn
type: cn
vals: 1 item
AttributeValue: User01
PartialAttributeList item userPassword
type: userPassword
vals: 1 item
AttributeValue: {SSHA}IipG6od/oQn96wMrRWnTH7jD5JZ5YXow
PartialAttributeList item uidNumber
type: uidNumber
vals: 1 item
AttributeValue: 10001
PartialAttributeList item gidNumber
type: gidNumber
vals: 1 item
AttributeValue: 10000
PartialAttributeList item sn
type: sn
vals: 1 item
AttributeValue: User01
[Response To: 49]
[Time: 0.000488000 seconds]
No. Time Source Destination Protocol Length Info
51 11.053735 192.168.1.13 192.168.1.58 LDAP 80 searchResDone(2) success [1 result]
Frame 51: 80 bytes on wire (640 bits), 80 bytes captured (640 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 356, Ack: 127, Len: 14
Lightweight Directory Access Protocol
LDAPMessage searchResDone(2) success [1 result]
messageID: 2
protocolOp: searchResDone (5)
searchResDone
resultCode: success (0)
matchedDN:
errorMessage:
[Response To: 49]
[Time: 0.000736000 seconds]
No. Time Source Destination Protocol Length Info
52 11.054151 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=127 Ack=370 Win=64128 Len=0 TSval=318079165 TSecr=1122417643
Frame 52: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 127, Ack: 370, Len: 0
No. Time Source Destination Protocol Length Info
53 11.054256 192.168.1.58 192.168.1.13 LDAP 73 unbindRequest(3)
Frame 53: 73 bytes on wire (584 bits), 73 bytes captured (584 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 127, Ack: 370, Len: 7
Lightweight Directory Access Protocol
LDAPMessage unbindRequest(3)
messageID: 3
protocolOp: unbindRequest (2)
unbindRequest
No. Time Source Destination Protocol Length Info
54 11.054256 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [FIN, ACK] Seq=134 Ack=370 Win=64128 Len=0 TSval=318079165 TSecr=1122417643
Frame 54: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 134, Ack: 370, Len: 0
No. Time Source Destination Protocol Length Info
55 11.054401 192.168.1.13 192.168.1.58 TCP 66 389 → 50602 [FIN, ACK] Seq=370 Ack=135 Win=65152 Len=0 TSval=1122417644 TSecr=318079165
Frame 55: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_32:ce:1a (08:00:27:32:ce:1a), Dst: PcsCompu_93:da:1e (08:00:27:93:da:1e)
Internet Protocol Version 4, Src: 192.168.1.13, Dst: 192.168.1.58
Transmission Control Protocol, Src Port: 389, Dst Port: 50602, Seq: 370, Ack: 135, Len: 0
No. Time Source Destination Protocol Length Info
56 11.054633 192.168.1.58 192.168.1.13 TCP 66 50602 → 389 [ACK] Seq=135 Ack=371 Win=64128 Len=0 TSval=318079166 TSecr=1122417644
Frame 56: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: PcsCompu_93:da:1e (08:00:27:93:da:1e), Dst: PcsCompu_32:ce:1a (08:00:27:32:ce:1a)
Internet Protocol Version 4, Src: 192.168.1.58, Dst: 192.168.1.13
Transmission Control Protocol, Src Port: 50602, Dst Port: 389, Seq: 135, Ack: 371, Len: 0
LDAP(389) + TLS
Command and Result
ctadmin@client:~$ ldapsearch -Z -H ldap://ldap.cavtime.com -D "cn=admin,dc=cavtime,dc=com" -b "cn=User01,ou=people,dc=cavtime,dc=com" -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <cn=User01,ou=people,dc=cavtime,dc=com> with scope subtree # filter: (objectclass=*) # requesting: ALL # # User01, people, cavtime.com dn: cn=User01,ou=people,dc=cavtime,dc=com objectClass: posixAccount objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person loginShell: /bin/bash homeDirectory: /home/user01 uid: user01 cn: User01 userPassword:: e1NTSEF9SWlwRzZvZC9vUW45NndNclJXblRIN2pENUpaNVlYb3c= uidNumber: 10001 gidNumber: 10000 sn: User01 # search result search: 3 result: 0 Success # numResponses: 2 # numEntries: 1 ctadmin@client:~$
Packet List
No. Time Source Destination Protocol Length Info 9 2.919991 192.168.1.58 192.168.1.13 TCP 74 42486 → 389 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=318101219 TSecr=0 WS=128 10 2.920076 192.168.1.13 192.168.1.58 TCP 74 389 → 42486 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1122439697 TSecr=318101219 WS=128 11 2.920674 192.168.1.58 192.168.1.13 TCP 66 42486 → 389 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=318101219 TSecr=1122439697 12 2.920937 192.168.1.58 192.168.1.13 LDAP 97 extendedReq(1) LDAP_START_TLS_OID 13 2.921023 192.168.1.13 192.168.1.58 TCP 66 389 → 42486 [ACK] Seq=1 Ack=32 Win=65152 Len=0 TSval=1122439698 TSecr=318101220 14 2.921478 192.168.1.13 192.168.1.58 LDAP 80 extendedResp(1) 15 2.922174 192.168.1.58 192.168.1.13 TCP 66 42486 → 389 [ACK] Seq=32 Ack=15 Win=64256 Len=0 TSval=318101221 TSecr=1122439699 16 2.950315 192.168.1.58 192.168.1.13 TLSv1.3 464 Client Hello 17 2.950811 192.168.1.13 192.168.1.58 TLSv1.3 226 Server Hello 18 2.951052 192.168.1.13 192.168.1.58 TLSv1.3 72 Change Cipher Spec 19 2.951757 192.168.1.58 192.168.1.13 TLSv1.3 72 Change Cipher Spec 20 2.953972 192.168.1.13 192.168.1.58 TLSv1.3 100 Application Data 21 2.954022 192.168.1.13 192.168.1.58 TLSv1.3 2651 Application Data 22 2.954165 192.168.1.13 192.168.1.58 TLSv1.3 426 Application Data, Application Data 23 2.954476 192.168.1.58 192.168.1.13 TCP 66 42486 → 389 [ACK] Seq=436 Ack=3160 Win=62336 Len=0 TSval=318101253 TSecr=1122439731 24 2.954878 192.168.1.58 192.168.1.13 TLSv1.3 140 Application Data 25 2.996808 192.168.1.13 192.168.1.58 TCP 66 389 → 42486 [ACK] Seq=3160 Ack=510 Win=64768 Len=0 TSval=1122439774 TSecr=318101254 30 7.422045 192.168.1.58 192.168.1.13 TLSv1.3 138 Application Data 31 7.422113 192.168.1.13 192.168.1.58 TCP 66 389 → 42486 [ACK] Seq=3160 Ack=582 Win=64768 Len=0 TSval=1122444199 TSecr=318105720 32 7.422577 192.168.1.13 192.168.1.58 TLSv1.3 102 Application Data 33 7.423863 192.168.1.58 192.168.1.13 TLSv1.3 164 Application Data 34 7.424352 192.168.1.13 192.168.1.58 TLSv1.3 429 Application Data 35 7.424744 192.168.1.13 192.168.1.58 TLSv1.3 102 Application Data 36 7.426520 192.168.1.58 192.168.1.13 TCP 66 42486 → 389 [ACK] Seq=680 Ack=3595 Win=64128 Len=0 TSval=318105725 TSecr=1122444202 37 7.427127 192.168.1.58 192.168.1.13 TLSv1.3 95 Application Data 38 7.427128 192.168.1.58 192.168.1.13 TLSv1.3 90 Application Data 39 7.427612 192.168.1.13 192.168.1.58 TCP 66 389 → 42486 [ACK] Seq=3595 Ack=734 Win=64768 Len=0 TSval=1122444205 TSecr=318105726 40 7.427826 192.168.1.13 192.168.1.58 TLSv1.3 90 Application Data 41 7.427872 192.168.1.13 192.168.1.58 TCP 66 389 → 42486 [FIN, ACK] Seq=3619 Ack=734 Win=64768 Len=0 TSval=1122444205 TSecr=318105726 42 7.428418 192.168.1.58 192.168.1.13 TCP 60 42486 → 389 [RST] Seq=734 Win=0 Len=0 43 7.428418 192.168.1.58 192.168.1.13 TCP 60 42486 → 389 [RST] Seq=734 Win=0 Len=0
LDAPS
Command and Result
ctadmin@client:~$ ldapsearch -H ldaps://ldap.cavtime.com -D "cn=admin,dc=cavtime,dc=com" -b "cn=User01,ou=people,dc=cavtime,dc=com" -W Enter LDAP Password: # extended LDIF # # LDAPv3 # base <cn=User01,ou=people,dc=cavtime,dc=com> with scope subtree # filter: (objectclass=*) # requesting: ALL # # User01, people, cavtime.com dn: cn=User01,ou=people,dc=cavtime,dc=com objectClass: posixAccount objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person loginShell: /bin/bash homeDirectory: /home/user01 uid: user01 cn: User01 userPassword:: e1NTSEF9SWlwRzZvZC9vUW45NndNclJXblRIN2pENUpaNVlYb3c= uidNumber: 10001 gidNumber: 10000 sn: User01 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 ctadmin@client:~$
Packet List
No. Time Source Destination Protocol Length Info 51 9.216323 192.168.1.58 192.168.1.13 TCP 74 42674 → 636 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM TSval=318126417 TSecr=0 WS=128 52 9.216377 192.168.1.13 192.168.1.58 TCP 74 636 → 42674 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM TSval=1122464896 TSecr=318126417 WS=128 53 9.216937 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=318126418 TSecr=1122464896 54 9.239473 192.168.1.58 192.168.1.13 TLSv1.3 464 Client Hello 55 9.239537 192.168.1.13 192.168.1.58 TCP 66 636 → 42674 [ACK] Seq=1 Ack=399 Win=64768 Len=0 TSval=1122464919 TSecr=318126440 56 9.240399 192.168.1.13 192.168.1.58 TLSv1.3 226 Server Hello 57 9.240682 192.168.1.13 192.168.1.58 TLSv1.3 72 Change Cipher Spec 58 9.240918 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [ACK] Seq=399 Ack=161 Win=64128 Len=0 TSval=318126442 TSecr=1122464920 59 9.241115 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [ACK] Seq=399 Ack=167 Win=64128 Len=0 TSval=318126442 TSecr=1122464920 60 9.241889 192.168.1.58 192.168.1.13 TLSv1.3 72 Change Cipher Spec 61 9.245916 192.168.1.13 192.168.1.58 TLSv1.3 100 Application Data 62 9.246313 192.168.1.13 192.168.1.58 TLSv1.3 2651 Application Data 63 9.246439 192.168.1.13 192.168.1.58 TLSv1.3 426 Application Data, Application Data 64 9.246858 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [ACK] Seq=405 Ack=2786 Win=63232 Len=0 TSval=318126448 TSecr=1122464925 65 9.247334 192.168.1.58 192.168.1.13 TLSv1.3 140 Application Data 66 9.248551 192.168.1.58 192.168.1.13 TLSv1.3 138 Application Data 67 9.248707 192.168.1.13 192.168.1.58 TCP 66 636 → 42674 [ACK] Seq=3146 Ack=551 Win=64640 Len=0 TSval=1122464928 TSecr=318126448 68 9.248812 192.168.1.13 192.168.1.58 TLSv1.3 102 Application Data 69 9.249678 192.168.1.58 192.168.1.13 TLSv1.3 164 Application Data 70 9.249888 192.168.1.13 192.168.1.58 TLSv1.3 429 Application Data 71 9.250036 192.168.1.13 192.168.1.58 TLSv1.3 102 Application Data 72 9.250701 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [ACK] Seq=649 Ack=3581 Win=64128 Len=0 TSval=318126452 TSecr=1122464929 73 9.250858 192.168.1.58 192.168.1.13 TLSv1.3 95 Application Data 74 9.250858 192.168.1.58 192.168.1.13 TLSv1.3 90 Application Data 75 9.250858 192.168.1.58 192.168.1.13 TCP 66 42674 → 636 [FIN, ACK] Seq=702 Ack=3581 Win=64128 Len=0 TSval=318126452 TSecr=1122464929 76 9.251006 192.168.1.13 192.168.1.58 TCP 66 636 → 42674 [ACK] Seq=3581 Ack=703 Win=64640 Len=0 TSval=1122464931 TSecr=318126452 77 9.251069 192.168.1.13 192.168.1.58 TLSv1.3 90 Application Data 78 9.251104 192.168.1.13 192.168.1.58 TCP 66 636 → 42674 [FIN, ACK] Seq=3605 Ack=703 Win=64640 Len=0 TSval=1122464931 TSecr=318126452 79 9.251282 192.168.1.58 192.168.1.13 TCP 60 42674 → 636 [RST] Seq=703 Win=0 Len=0 80 9.251283 192.168.1.58 192.168.1.13 TCP 60 42674 → 636 [RST] Seq=703 Win=0 Len=0