Frame 285: Packet, 552 bytes on wire (4416 bits), 552 bytes captured (4416 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: Mar 19, 2019 01:44:57.003428000 UTC
    UTC Arrival Time: Mar 19, 2019 01:44:57.003428000 UTC
    Epoch Arrival Time: 1552959897.003428000
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 268.000 microseconds]
    [Time since reference or first frame: 1.366662000 seconds]
    Frame Number: 285
    Frame Length: 552 bytes (4416 bits)
    Capture Length: 552 bytes (4416 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:ldap:gss-api:spnego-krb5]
    Character encoding: ASCII (0)
Ethernet II, Src: Dell_c2:09:6a (a4:1f:72:c2:09:6a), Dst: Intel_57:2b:42 (64:32:a8:57:2b:42)
    Destination: Intel_57:2b:42 (64:32:a8:57:2b:42)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: Dell_c2:09:6a (a4:1f:72:c2:09:6a)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IPv4 (0x0800)
    [Stream index: 1]
Internet Protocol Version 4, Src: 10.0.90.9, Dst: 10.0.90.215
    0100 .... = Version: 4
    .... 0101 = Header Length: 20 bytes (5)
    Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
        0000 00.. = Differentiated Services Codepoint: Default (0)
        .... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
    Total Length: 538
    Identification: 0x26ff (9983)
    010. .... = Flags: 0x2, Don't fragment
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    ...0 0000 0000 0000 = Fragment Offset: 0
    Time to Live: 128
    Protocol: TCP (6)
    Header Checksum: 0x954f [validation disabled]
    [Header checksum status: Unverified]
    Source Address: 10.0.90.9
    Destination Address: 10.0.90.215
    [Stream index: 1]
Transmission Control Protocol, Src Port: 389, Dst Port: 49175, Seq: 2598, Ack: 2295, Len: 498
    Source Port: 389
    Destination Port: 49175
    [Stream index: 19]
    [Stream Packet Number: 13]
    [Conversation completeness: Incomplete, DATA (15)]
        ..0. .... = RST: Absent
        ...0 .... = FIN: Absent
        .... 1... = Data: Present
        .... .1.. = ACK: Present
        .... ..1. = SYN-ACK: Present
        .... ...1 = SYN: Present
        [Completeness Flags: ··DASS]
    [TCP Segment Len: 498]
    Sequence Number: 2598    (relative sequence number)
    Sequence Number (raw): 2850866075
    [Next Sequence Number: 3096    (relative sequence number)]
    Acknowledgment Number: 2295    (relative ack number)
    Acknowledgment number (raw): 3531333048
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Accurate ECN: Not set
        .... 0... .... = Congestion Window Reduced: Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
        [TCP Flags: ·······AP···]
    Window: 255
    [Calculated window size: 65280]
    [Window size scaling factor: 256]
    Checksum: 0xde7c [unverified]
    [Checksum Status: Unverified]
    Urgent Pointer: 0
    [Timestamps]
        [Time since first frame in this TCP stream: 16.300000 milliseconds]
        [Time since previous frame in this TCP stream: 268.000 microseconds]
    [SEQ/ACK analysis]
        [This is an ACK to the segment in frame: 284]
        [The RTT to ACK the segment was: 268.000 microseconds]
        [iRTT: 364.000 microseconds]
        [Bytes in flight: 498]
        [Bytes sent since last PSH flag: 498]
    [Client Contiguous Streams: 1]
    [Server Contiguous Streams: 1]
    TCP payload (498 bytes)
    [PDU Size: 498]
Lightweight Directory Access Protocol
    SASL Buffer Length: 494
    SASL Buffer
        GSS-API Generic Security Service Application Program Interface
            krb5_blob: 050405ff000c000c00000000594be10a325828ca9e4cb91637fb3ec5
                krb5_tok_id: KRB_TOKEN_CFX_WRAP (0x0405)
                krb5_cfx_flags: 0x05, AcceptorSubkey, SendByAcceptor
                    .... .1.. = AcceptorSubkey: Set
                    .... ..0. = Sealed: Not set
                    .... ...1 = SendByAcceptor: Set
                krb5_filler: ff
                krb5_cfx_ec: 12
                krb5_cfx_rrc: 12
                krb5_cfx_seq: 1498145034
                krb5_sgn_cksum: 325828ca9e4cb91637fb3ec5
        GSS-API payload (466 bytes)
            LDAPMessage searchResEntry(4) "DC=littletigers,DC=info" [1 result]
                messageID: 4
                protocolOp: searchResEntry (4)
                    searchResEntry
                        objectName: DC=littletigers,DC=info
                        attributes: 1 item
                            PartialAttributeList item gPLink
                                type: gPLink
                                vals: 1 item
                                    AttributeValue: [LDAP://CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=littletigers,DC=info;0]
                [Response To: 284]
                [Time: 268.000 microseconds]
            LDAPMessage searchResRef(4)
                messageID: 4
                protocolOp: searchResRef (19)
                    searchResRef: 1 item
                        LDAPURL: ldap://ForestDnsZones.littletigers.info/DC=ForestDnsZones,DC=littletigers,DC=info
                [Response To: 284]
                [Time: 268.000 microseconds]
            LDAPMessage searchResRef(4)
                messageID: 4
                protocolOp: searchResRef (19)
                    searchResRef: 1 item
                        LDAPURL: ldap://DomainDnsZones.littletigers.info/DC=DomainDnsZones,DC=littletigers,DC=info
                [Response To: 284]
                [Time: 268.000 microseconds]
            LDAPMessage searchResRef(4)
                messageID: 4
                protocolOp: searchResRef (19)
                    searchResRef: 1 item
                        LDAPURL: ldap://littletigers.info/CN=Configuration,DC=littletigers,DC=info
                [Response To: 284]
                [Time: 268.000 microseconds]
            LDAPMessage searchResDone(4) success [1 result]
                messageID: 4
                protocolOp: searchResDone (5)
                    searchResDone
                        resultCode: success (0)
                        matchedDN: <MISSING>
                        errorMessage: <MISSING>
                [Response To: 284]
                [Time: 268.000 microseconds]