Ethereal-dev: [Ethereal-dev] Windows Message Box Packet --- Is it really IPv6 encapsulated ove

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Julian Grizzard <grizzard@xxxxxxxxx>
Date: Thu, 24 Feb 2005 14:41:18 -0500
Hi,

Attached is a packet we logged on our honeynet.  The packet seems to
be a spam message that pops up a window on a MS Windows based machine
with the spam advertisement.  Ethereal v. 0.10.3 attempts to decode
the packet as an IPv6 packet encapsulated inside a UDP packet.  I
believe this interpretation is wrong, but I am not sure.  Thoughts?

Note MAC addresses and IPv4 addresses have been anonymized.

-Julian

Attachment: ipv6_encaps_anon.pcap
Description: Binary data