Wireshark · Wireshark-users: [Wireshark-users] Is this normal?

Wireshark-users: [Wireshark-users] Is this normal?

From: Peter Hartmann <ascensiontech@xxxxxxxxx>

Date: Tue, 31 Mar 2009 12:59:26 -0400

Hi, I've noticed quite a bit of broadcast traffic like this and am
wondering if this is normal in an MS domain.  What do you think?


3	0.265561	10.3.85.104	255.255.255.255	DCERPC	Request: seq: 0 opnum:
18264 len: 12599 00000000-0a03-5568-0011-43c586f40000 V0
9	1.469157	10.3.85.116	255.255.255.255	DCERPC	Request: seq: 0 opnum:
18264 len: 12593 00000000-0a03-5574-0012-3f84a4620000 V0
6	1.325521	10.3.85.62	255.255.255.255	DCERPC	Request: seq: 0 opnum:
18264 len: 0 00000000-0a03-553e-00b0-d060db100000 V0
7	1.386135	10.3.85.127	255.255.255.255	DCERPC	Request: seq: 0 opnum:
18264 len: 12598 00000000-0a03-557f-0011-43c2f31b0000 V0



I also see quite a bit of this kind of thing.  From what I understand,
this address 239.255.1.1 falls in a range dedicated to multicast.  I'm
also wondering if the spanning tree packets mean that there is a cable
plugged in to a switch twice.    Could that be?

54	7.619442	10.3.85.127	239.255.1.1	UDP	Source port: dnox  Destination
port: dnox
57	8.000269	Netgear_de:9b:97	Spanning-tree-(for-bridges)_00	STP	Conf.
Root = 32768/00:0f:b5:de:9b:97  Cost = 0  Port = 0x8001

Thank you much!

Peter

Follow-Ups:
- Re: [Wireshark-users] Is this normal?
  - From: Guy Harris
- Re: [Wireshark-users] Is this normal?
  - From: Stephen Fisher

Prev by Date: [Wireshark-users] Help Required- Wifi Router
Next by Date: Re: [Wireshark-users] Is this normal?
Previous by thread: [Wireshark-users] Help Required- Wifi Router
Next by thread: Re: [Wireshark-users] Is this normal?
Index(es):
- Date
- Thread