On Sat, Oct 07, 2006 at 12:15:44AM -0400, LDB wrote:
> Within Ethereal I am detecting a malformed packet coming from a Putty
> SSH Client using version 0.52. Could my users have downloaded a
> tainted version of Putty?
>
> Also, why does Ethereal consider it a malformed packet from SSH?
It depends on the traffic it is considering malformed. If you would
like to send a small capture file with only a few packets/the one that
is malformed someone may be able to give further details. It may just
be a bug in the Ethereal/Wireshark dissector - try upgrading to the
latest Wireshark and see if it is still malformed.
Steve