Wireshark mailing list archives
Re: Weird Null Packets
From: Bill Meier <wmeier () newsguy com>
Date: Wed, 19 Jan 2011 12:46:18 -0500
On 1/19/2011 10:54 AM, Michael Glenn wrote:
Hi. I'm getting the weirdest packets trickling out of a network segment, and I'm trying to determine if the switch is dying, or if Microsoft has struck again (I've been installing some Win7 PCs on that segment). The packets are pretty-much nothing but a slew of zeroes; Wireshark guessed them to be FibreChannel traffic, but no such hardware on the segment. I'm attaching an extracted packet capture.
What hardware/OS/... are you using to capture these frames ? Are you also getting good frames using the same setup ??Wireshark shows the frames as being all zeros with no ethernet address, etc. which makes me wonder if these frames are actually really "on the wire".
Do do get the same results using an alternate capture program (windump for Windows or tcpdump for *nix) ?
The same with an alternate capture platform ? (eg: Windows iso *nix)? ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Weird Null Packets Michael Glenn (Jan 19)
- Re: Weird Null Packets Bill Meier (Jan 19)
- Re: Weird Null Packets Michael Glenn (Jan 19)
- Re: Weird Null Packets Bill Meier (Jan 19)