Solved

Wireshark

Posted on 2016-09-27
4
90 Views
Last Modified: 2016-10-12
I tried to do port mirrorig and then use Wireshark.
I got this. But i have no clue who 10.0.0.29 is, it isent in my DHCP server. It does this all the time. Non stop reassembled PDU.

Can you help?
Unavngivet.jpg
0
Comment
Question by:Mike Kristensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 18

Expert Comment

by:Mal Osborne
ID: 41819252
I am assuming that 10.0.0.1/24 is your local subnet? If so, try pinging 10.0.0.29, then type arp -g at a DOS prompt on a Windows box. This will spit out the MAC address of the device on 10.0.0.29.
Now, go to the link below, and enter that MAC address. This will give you some information about the manufacturer of the device. (You could also sniff the MAC address with Wireshark of course.)

http://macvendorlookup.com/

It may or may not provide a useful clue.
1
 

Author Comment

by:Mike Kristensen
ID: 41825276
So i tried this and tried to read more up on this..... I cant ping the address. The address is not set by the router.

10.0.0.1/24 is on 1 Ethernet port. 192.168.0.1 is on another.


I will keep recording more, but cant find anything for now.
0
 
LVL 24

Accepted Solution

by:
Dirk Kotte earned 500 total points
ID: 41829295
some network-clients don't answer the ping request, but they have to answer the arp-request.
Ping the device and than check the arp table (windows: arp -a).
Otherwise take your wireshark capture, expand the packet details, take the MAC from here.

Check the MAC with link provided by Malmensa.

the destination address points to box.com. this is a file storage like dropbox or sharefile. possible this helps you to identify the source.
0
 

Author Closing Comment

by:Mike Kristensen
ID: 41839876
Problem just dissapered
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question