Wireshark · Wireshark-users: [Wireshark-users] Redback protocol decoding error?

Wireshark-users: [Wireshark-users] Redback protocol decoding error?

From: "Don Arrowsmith" <arrowsmith.donald@xxxxxxxxxxx>

Date: Sun, 13 Apr 2008 12:09:52 -0400

[Please excuse any seemingly obvious errors in this post as I'm not a WS pro.]

I upgraded to WS v1.0.0 and noticed a packet on my LAN labeled "IP Bogus IP length (0, less than header length 20)". As I had another PC which still had WS v0.99.7, I looked at the same packet there and it says "UDP Source port: 6646 Destination port: 6646". In checking, this seems to be a broadcast packet from a McAfee network monitoring agent. I do have McAfee AV running so this is probably what it is.

Is this an error in WS 1.0.0 thinking it's a bad packet? It references a "redback" protocol in the decode which I'm pretty sure isn't anywhere on my LAN..

I've posted full text decodes:
v0.99.7 at http://eisner.decus.org/~arrowsmith/ws0997.txt and
v1.0.0 at http://eisner.decus.org/~arrowsmith/ws100.txt.

--
Don

Follow-Ups:
- Re: [Wireshark-users] Redback protocol decoding error?
  - From: Sake Blok

Prev by Date: Re: [Wireshark-users] Same SEQ number but different ACKs
Next by Date: Re: [Wireshark-users] Is it a bug with Wireshark?
Previous by thread: Re: [Wireshark-users] Is it a bug with Wireshark?
Next by thread: Re: [Wireshark-users] Redback protocol decoding error?
Index(es):
- Date
- Thread