Wireshark · Ethereal-users: Re: [Ethereal-users] Please help me(microsoft- ds)

Ethereal-users: Re: [Ethereal-users] Please help me(microsoft- ds)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Tue, 05 Jul 2005 10:57:54 -0700

Manoj Kumar wrote:

My ethereal is flooded with microsft-ds and netbios packets movingacross various ip’s not related to me. Please help me.

Is that a problem because you don't want that traffic on your network,or is that a problem because you don't want to see that traffic, or isthat a problem because you don't want to see any traffic other thantraffic to and from your machine?

In the first case, I can't really help you - the people are probablyusing SMB (Microsoft's file sharing protocol) for a reason, and areunlikely to stop doing so.


In the second case, try a filter of

not udp port 137 and not udp port 138 and not tcp port 139 and not tcpport 445

although that will also keep Ethereal from seeing that traffic to andfrom your machine.

In the third case, try turning promiscuous mode off - that way, the onlytraffic you'll see is traffic sent by and received by your machine(although, on Solaris, at least, you won't see any traffic sent by yourmachine) - or try using a filter of


	host {your host's IP address}

although that'll filter out ARP traffic and the like.

References:
- [Ethereal-users] Please help me(microsoft- ds)
  - From: Manoj Kumar

Prev by Date: Re: [Ethereal-users] how to put my wlan card in monitor mode
Next by Date: Re: [Ethereal-users] libPCAP file Format
Previous by thread: Re: [Ethereal-users] Please help me(microsoft- ds)
Next by thread: [Ethereal-users] NTOP and Ethereal
Index(es):
- Date
- Thread