Ethereal-users: Re: [Ethereal-users] UDP Packets everywhere

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Tom Greaser" <tgreaser@xxxxxxxxxxx>
Date: Tue, 31 May 2005 22:09:29 -0400
guessing your PCs are Windows machines..
if you run netstat  or download Active Ports  you can see what process
is 
sending on that port..

Some kinda multicast packt storm you have going on...

~~~~~~~~~~~~~~~~~~~~~~~~~~
Tom Greaser  
Red Hat Linux Certified Engineer
Senior Network Engineer
Information System Operations
Health Sciences Center

Phone 304-293-4683
FAX     304-293-7268

tgreaser@xxxxxxxxxxx

>>> Paul.White@xxxxxxxxxxxxxxxxxxx 5/31/2005 10:01 PM >>>
Hi all.. I am new to Ethereal so please excuse my lack of knowledge.  I
am 
also unsure if this is the right list for this kind of question, if not

can someone point me in the right direction??


A slow network lead me to install Ethereal and see if it could find the

problem.  When I did the first capture I saw 70% UDP packets all of
which 
looked like the following:-

Source  :   10.0.xxx.xxx  (most PCs on our network)

Destination :   232.47.16.89   (always)

Protocol :   UDP

Source port :  1117 (appears to be random, not always 1117)

Destination port :  47713  (always)

Length 71


Can anyone help?  I have slowed it a bit by implementing filtering on
our 
switch but while that stops the broadcasts it still slows the PCs.  No

viruses or spyware found either.


I have attached a text file with 2 packets exported from Ethereal.

 

 
Thanks

Paul





*****************************************************************

"This message is intended for the addressee named and may contain
confidential information. If you are not the intended recipient,
please delete it and notify the sender. Views expressed in this
message are those of the individual sender, and are not
necessarily the views of Bathurst Regional Council,
unless otherwise stated.

For the purposes of the Copyright Act, the permission of the
holder of copyright in this communication may be taken to have
been granted, unless stated otherwise, for the copying or
forwarding of this message, as long as both the content of this
communication and the purpose for which it is copied or
forwarded are work related."

*****************************************************************