Wireshark · Ethereal-users: [Ethereal-users] Odd traffic help

Ethereal-users: [Ethereal-users] Odd traffic help

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Ruiz, Mike" <ruiz@xxxxxxx>

Date: Fri, 1 Oct 2004 11:53:12 -0400

I was hoping someone out there can help me determine what some unusual traffic I’m seeing from a workstation on my network really is. The traffic is multicast to destination ip 234.2.3.4 with a varying source port and a destination port of UDP 7000 always at the next layer it determines it is reliable UDP (RUDP). It says its Malformed Cisco SM protocol but this is a newly loaded patched and clean Windows XP machine, I can’t find any spyware, Trojans, etc…

Any thoughts?

Please reply directly if possible to ruiz@xxxxxxx

Michael G. Ruiz – ESSE, ACP, A+

Network and Enterprise Systems Engineer

Hobart and William Smith Colleges

Division of Information Technology

Geneva NY 14456

Follow-Ups:
- Re: [Ethereal-users] Odd traffic help
  - From: Guy Harris

Prev by Date: RE: [Ethereal-users] what do we do next?
Next by Date: [Ethereal-users] Does Ethereal has text mode of Ethereal thank you
Previous by thread: RE: [Ethereal-users] 32 bytes
Next by thread: Re: [Ethereal-users] Odd traffic help
Index(es):
- Date
- Thread