Can anyone help me identify the following?
My Mandrake 7.0 (2.2.14) machine is equipped with a eepro100 adapter. I am
seeing a continuous series of UDP packets being bradcast from this machine.
Packets are being sent from my machine at 192.168.1.1:1069 (logan) to
255.255.255.255:5456.
TCPDUMP shows the packets as:
11:35:42.119078 logan.1069 > 255.255.255.255.5456: udp 256
11:35:47.373467 logan.1069 > 255.255.255.255.5456: udp 256
I captured the payload using Ethereal:
0000 ff ff ff ff ff ff 00 d0 b7 1d d8 6c 08 00 45 00 ........ ...l..E.
0010 01 1c bf 2b 00 00 40 11 f8 ca c0 a8 01 33 ff ff ...+..@. .....3..
0020 ff ff 04 2d 15 50 01 08 72 f1 30 33 31 7c 31 7c ...-.P.. r.031|1|
0030 70 75 62 6c 69 63 7c 39 7c 33 31 36 37 33 7c 30 public|9 |31673|0
0040 7c 30 7c 32 30 31 30 7e 7c 00 d8 23 35 08 00 00 |0|2010~ |..#5...
0050 00 00 03 00 00 00 18 00 00 00 18 00 00 00 60 98 ........ ......`.
0060 29 00 00 00 00 00 03 00 00 00 18 00 00 00 18 00 )....... ........
0070 00 00 60 98 29 00 38 f5 ff bf ca b1 20 00 04 7a ..`.).8. .......z
0080 19 00 14 00 00 00 18 8f 18 00 30 fa 27 08 38 d5 ........ ..0.'.8.
0090 38 08 18 34 3c 08 4c f5 ff bf 44 f5 ff bf 30 fa 8..4<.L. ..D...0.
00a0 27 08 08 6d 39 08 40 4a 31 08 b8 48 31 08 98 49 '..m9.@J 1..H1..I
00b0 31 08 84 f5 ff bf 96 8a 08 08 84 f5 ff bf d0 8a 1....... ........
00c0 08 08 f0 2f 39 08 08 6d 39 08 40 4a 31 08 b8 48 .../9..m [email protected]
00d0 31 08 38 f6 ff bf 08 6d 39 08 44 cd 09 08 c0 34 1.8....m 9.D....4
00e0 3c 08 08 6d 39 08 88 f5 ff bf 6b 69 08 08 98 49 <..m9... ..ki...I
00f0 31 08 40 4a 31 08 b8 f5 ff bf 3f c0 09 08 b0 49 1.@J1... ..?....I
0100 31 08 40 4a 31 08 8c bf 09 08 38 f6 ff bf 5c 69 1.@J1... ..8...\i
0110 08 08 90 89 08 08 c0 64 08 08 54 c8 09 08 e8 4a .......d ..T....J
0120 31 08 00 00 00 00 d4 f5 ff bf 1....... ..
John LeMay Jr.
Senior Enterprise Consultant
NJMC, LLC.
The rules have changed... Get paid to surf the web!!!
http://www.alladvantage.com/go.asp?refid=bdc893