Wireshark-users: [Wireshark-users] Redback protocol decoding error?

From: "Don Arrowsmith" <arrowsmith.donald@xxxxxxxxxxx>
Date: Sun, 13 Apr 2008 12:09:52 -0400
[Please excuse any seemingly obvious errors in this post as I'm not a WS pro.]
 
I upgraded to WS v1.0.0 and noticed a packet on my LAN labeled "IP  Bogus IP length (0, less than header length 20)".  As I had another PC which still had WS v0.99.7, I looked at the same packet there and it says "UDP  Source port: 6646  Destination port: 6646".  In checking, this seems to be a broadcast packet from a McAfee network monitoring agent.  I do have McAfee AV running so this is probably what it is.
 
Is this an error in WS 1.0.0 thinking it's a bad packet?  It references a "redback" protocol in the decode which I'm pretty sure isn't anywhere on my LAN..
 
 
--
Don