Ethereal-users: Re: [Ethereal-users] ethereal log files

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Andrew Hood <ajhood@xxxxxxxxx>
Date: Tue, 19 Sep 2006 22:23:11 +1000
-------------------
The Ethereal project is being continued at a new site.  Please go to
http://www.wireshark.org and subscribe to wireshark-users@xxxxxxxxxxxxx.
Don't forget to unsubscribe from this list at
http://www.ethereal.com/mailman/listinfo/ethereal-users
-------------------

Taj Mahal Mumbai wrote:
> Respected Sir,
>  
>              Its been a week  I am using your software inorder to find a
> solution for the network problem which I am facing from a long time.I
> have managed to take 2 log files using ethereal software.
>              
>               We have a DHCP server which gives IP to the user in our
> network and also we are using wireless network with 802.11b only.  We
> have SMC & Accton internal wifi device and Brovis as our external wifi
> device. All the wifi devices are given Static IP. The Log files shows me
> the IP address and the number of UDP session created. Can I slow down
> this UDP or control it ?
>              
>               I have attached two log files using ethereal log, all my
> switches were unstable during the network problem & all the users were
> not able to use internet. I solved it by restarting all the switch.
>  
>                I would like to know how  these ethereal logs would help
> me to find the cause of my network problem  and solve it permanently.
> Please suggest.

Do you have any sort of security on your WiFi? Which of the 10.22.*,
205.181.*, 213.159.*, 203.199.* or 192.168.* networks are yours?

You will see thousands of identical UDP packets suggesting you have a
routing loop in your network topology. An additional clue is that the
TTL keeps changing until it reaches 0 and the packet is discarded.

After discarding those packets it looks like someone at 213.159.99.253
is trying to hack into the box at address 203.199.75.25 by guessing the
password for the account "Administrator". As the attempts are close
together in time it looks like a bot.

-- 
There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users