Wireshark · Ethereal-users: Re: [Ethereal-users] UDP to 224.0.0.103

Ethereal-users: Re: [Ethereal-users] UDP to 224.0.0.103

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Alexandre Rafalovitch <arafalov@xxxxxxxxx>

Date: Mon, 28 Mar 2005 18:27:07 -0500

Is there anyway (on Windows anyway) to identify which process sent the
UDP packet?
I know TCPView from sysinternals can show local UDP endpoint, but that
is only for listening. Is anybody aware of the tools to do that for
the sending?

I suspect not, but it is worth a question.

Otherwise, I guess one just has to examine the packets until some
identity emerges.

Regards,
     Alex.


On Mon, 28 Mar 2005 18:07:15 -0500, Scott Lowrey <slowrey@xxxxxxxxxxx> wrote:
>  Google for that address (use quotes).  You'll find it's used by the Multi
> Directory Access Protocol (MDAP).  Something wants to talk to a directory
> server.  Now google for MDAP Microsoft, since their software tends to be
> overly chatty and in constant need of the Mother Ship. :)
>  
>  Is Outlook running?
>  
>  Roger Almstedt wrote: 
>  
>  
> Hi, 
>   
> Just started to use Ethereal and discovered right away that my computer is
> sending all the time (2 times per second) an UDP package to IP adress: 
> 224.0.0.103 sourceport 3009 or 1027, destinationport 3235. 
> That cant be normal, maybe this is not at question for this list, but I
> would appreciate if anyone can help me with an answer. 
>   
> Best Regards 
> Roger

References:
- [Ethereal-users] UDP to 224.0.0.103
  - From: Roger Almstedt
- Re: [Ethereal-users] UDP to 224.0.0.103
  - From: Scott Lowrey

Prev by Date: Re: [Ethereal-users] UDP to 224.0.0.103
Next by Date: RE: [Ethereal-users] UDP to 224.0.0.103
Previous by thread: Re: [Ethereal-users] UDP to 224.0.0.103
Next by thread: RE: [Ethereal-users] UDP to 224.0.0.103
Index(es):
- Date
- Thread