To all
I am sniffing wireless traffic and getting malformed
MDNS packets. Here is an example ( I have changed the addresses to protect the
innocent) :
No.
Time
Source
Destination
Protocol Info
5 5.735756
10.1.17.32
178.27.05.50
MDNS Standard query[Malformed Packet]
Frame 5 (114 bytes on wire, 114 bytes captured)
Ethernet II, Src: Dell_70:41:da (00:24:e8:27:41:da), Dst:
AxiomTec_43:f9:0b (00:82:e0:43:f9:0b)
Internet Protocol, Src: 10.1.17.32 (10.1.17.32), Dst:
178.27.05.50 (178.27.05.50)
User Datagram Protocol, Src Port: mdns (5353), Dst Port:
movaz-ssc (5252)
Domain Name System (query)
[Malformed Packet: DNS]
[Expert Info (Error/Malformed): Malformed
Packet (Exception occurred)]
[Message:
Malformed Packet (Exception occurred)]
[Severity level:
Error]
[Group:
Malformed]
I am using Version 1.2.6 of Wireshark
Has anyone worked with MDNS before? Is this normal for
Wireshark to report these results or is this a problem a true problem? I
am also seeing queries that are coming back unknown. Is this a Wireshark issue?
Is this a system problem?
If you have can you point to where I can get more info on
MDNS?
Thanks in advance
Terry Martin
TimeData Corporation
Phone: 503-678.2224
Cell: 503.318.8909
