Experts Exchange

87

Solutions

301

Contributors

We connect you with people and information to solve problems, inspire learning and influence the future of technology.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have an HP EliteBook 8730w HP machine with XP SP3.  The NIC is a 82567LM Gigabit.  Wireshark Version 1.6.1 is seeing a flood (packet ea/.001068 seconds +/-) of protocol 0x8899 Ethernet II packets (All outgoing; no responses).  Packet length ranges from 64 to about 1499 or 1518 packets long. The problem I have is that I cannot find the Source MAC on my (small home) network (I have tried several MAC scanners), nor do I know anything about the destination address.

Source:  f8:c0:01:7c:65:cc
Destination: Dell_79:08:f2 (00:19:b9:79:08:f2)
Type: Unknown (0x8899), Ethernet II
Data (1504 bytes)
5 lines of data:
0010   88 64 11 00 14 ef 05 d6 00 21 45 40 05 d4 ac 25  .d.......!E@...%
0020   20 00 36 11 54 58 47 13 fb f9 61 73 b9 db a0 e1   .6.TXG...as....
0030   c9 be 05 cd 4b 14 32 bb 81 3a 22 b9 5d 95 21 4e  ....K.2..:".].!N
0040   6d 27 cb 53 59 65 0b 8d 75 33 cb ab f9 de 7e 52  m'.SYe..u3....~R
0050   32 57 86 24 53 27 ee 64 20 41 72 31 20 11 2a 43  2W.$S'.d Ar1 .*C
.
.

So, I have no such source or destination MAC on my network (that I can tell) , am seeing  an ongoing flood  of data anytime day/night.  To my knowledge, I have no Dell equipment on my network (two printers, 4-5 computers, a couple of Smart phones, and several Security DVRs).  Most computers behind one or more switches.  I am certain that I have no Realtek routers/switches or anything that might be using a managed protocol i.e. Realtek Remote Control Protocol (RRCP) Type 0x8899.
0
Free Tool: ZipGrep
LVL 9
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Part Two of the two-part Q&A series with MalwareTech.
4
As many of you know, Marketo access is currently down. The company is expecting to restore connection by noon PDT, according to their statement on Twitter. This outage can have large implications for businesses of all sizes--ourselves included. We'll be keeping the community informed as new updates roll in.
1
 
LVL 9

Author Comment

by:Experts Exchange
Thanks to the Marketo engineers and staff for working so quickly on this, the site is now back up before noon PDT.
2
get-to-the-point.PNGSay what you need to and nothing more. Increase engagement with concise posts!
2
SysAdmin Day is this Friday! If you have a story of a time when your technical skill and expertise saved the day comment here. You can also message us!

Looking forward to reading more of your experiences!
3
2
there's a problem with the personall billing web page.

I've tried Chrome, Firefox and IE and all three won't work.  The problem is when I go to remove a billing method.  It puts the Yes/No question text on top each other.  As a result it's impossible to remove old charge cards.
0
 
LVL 11

Administrative Comment

by:Andrew Leniart
Hi klamerus,

What you've done here is made a Post, which is for the purpose of sharing general information with the Experts Exchange community. Please use this Support Link to obtain support help for any Billing related inquiries.

You have options to Telephone, Email, or use Live Chat from that link to obtain support with your issue.

Regards,
Andrew
EE Topic Advisor
0
 
LVL 6

Administrative Comment

by:Brian Matis
This issue has now been fixed. Please go ahead and try it now, thanks!
0
It is really frustrating for someone to come into live and try to get an answer out of you in the 5 minutes, only to not want to pay for an answer... I usually suggest that people just put it in as a question....  Am I the only one aggravated with this?  It seems like EE get's their $$ and I get nothing but headaches...

-J
0
BecomingMalwaretech-SocialMedia-Nati.pngEver wondered what it takes to become a threat intel expert like Malwaretech? Check out our first Q&A release where Marcus discusses his background and predictions for the next threat in malware.
4
1
Free Tool: Path Explorer
LVL 9
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Have you read about a released feature you liked at Experts Exchange, or a bug that was fixed only to find it didn't work for you?  That's happened to me and I've just stumbled on the reason why!

You need to log out of Experts Exchange and then log back in for the new features to show up, or bug fixes to take effect on your EE account.  See below.

Log out of EE

Once you do that, all new features and bug fixes come into effect.

Hope that's helpful  
:^)
0
 
LVL 6

Expert Comment

by:Craig Kehler
I think in this particular case you may have worked around something by logging out and back in. That doesn't mean that we intentionally fixed it. "You need to log out of Experts Exchange and then log back in for the new features to show up," this is definitely not the case for new features nor should it be required for bug fixes.

Once we have all the details on how to reproduce that problem, we will have a chance to intentionally fix it. :) However right now I think it may return after you happen across the steps again.
1
 
LVL 11

Author Comment

by:Andrew Leniart
You're most likely correct Craig.. I got a little excited when something wouldn't work and then did so probably jumped the gun a bit :)
However right now I think it may return after you happen across the steps again
Agreed.. Nailing those steps down can be a frustrating exercise though. It's like fighting with a poltergeist that only rears its head once in a while just to irritate you! lol..
0
0
 
LVL 66

Expert Comment

by:Jim Horn
Vivacious verbs?  So are we selling real estate now at the expense of technical content?
0
 
LVL 9

Author Comment

by:Experts Exchange
Of course not, just sharing overall tips in this article.
0
Calling all System Administrators!!

We are excited for SysAdmin Day on July 28th! To celebrate, we are compiling the best SysAdmin stories from our community. We would love the opportunity to showcase your heroic tales of crazy problems you solved to keep the tech world going in our upcoming blog piece.  

Comment below or message us before Friday July 21st at 12pm PST to have your story included.
2
 
LVL 9

Author Comment

by:Experts Exchange
Thanks! We are looking for stories from within the EE community!
0
 
LVL 6

Expert Comment

by:Brian Matis
Not sure if this really counts, because I wasn't the SysAdmin in this scenario; instead, I was the problematic user! But here goes: back when I was a student at CalPoly, we had access to the school's UNIX system for things like our email. I had taken the C and UNIX class, so I knew my way around the command line enough to do more than just use PINE to check my email. I also really liked the SETI @ Home project, so I got the UNIX version of the client and installed it on my account on the school's system and would just let it run.

I think maybe I had it going for a month and I have no idea what sort of resources it was taking up. I imagine it wasn't really all that bad, but eventually, a SysAdmin did shut it down and told me not to do that again...

I imagine college SysAdmins have to deal with a lot of shenanigans like that! :-D
1
Part One of the two-part Q&A series with MalwareTech.
7
courseofmonth-native.JPGLooking to become a web developer, but not sure where to start? Check out this article for some community advice and enroll in July’s Course of the Month to gain your HTML5 certification. Take the first step in gaining a solid web development skill set and enroll today!
3
Experts Exchange got the opportunity to interview MalwareTech, the 22yr old who discovered the WannaCry kill switch. Check out his advice on security and future security threats, as well as his comments on the importance of tech communities.
5
 
LVL 31

Expert Comment

by:Zoppo
Once a customer called me and told our software tells him 'Hardlock not found' - after 10 minutes verifying everything (driver, service, client) was installed fine and running, just for fun and coz I was a little bit frustrated, I aksed if he really plugged in the hardlock - the customer was a bit surprised and answered "No, it's here, laying in front of me, on my desktop - do I have to plug it somewhere?"

Another time I sent a PDF docu to a customer - he answered with a mail asking me what to do with this PDF. I wrote 'just open it to read or print it' - he answered he doesn't know what 'open' means and asked me if it would be possible that I open the PDF and send it to him 'opened'.

And one of my favorites, allthough it wasn't directly me: Once surprisingly I heard my colleague (usually a relaxed guy) yelling loud into the telephone "NO! STOP! Stop EVERYTHING! DON'T TOUCH the mouse! DON'T TOUCH ANYTHING! When I tell you 'click', click EXACTLY ONCE with the LEFT mouse button! WHEN I TELL YOU 'double click', click EXACTLY TWICE with the LEFT mouse button! As long as I don't tell you anything DON'T TOUCH ANYTHING!!!"
0
FCCInfographic-SocialMedia-Sina-OS.pngThe results of the net neutrality Day of Action are in! Thank you to everyone in our tech community who participated by sending comments to the FCC, emails to Congress, and called Congress. Check out the days total results reported in our article update.
5
Experts Exchange is based in San Luis Obispo, otherwise known to locals as 'SLO'.  The city of SLO lost a valued member of its community a few months ago.  
Frank [Stone] built a reputation for “diligence and accuracy as a premier source of public safety news and reporting up and down the Central Coast"

Recently, the city's assemblyman voted for a bill to name a portion of its highway to this man.  On to the California State Senate Rules Committee.  I hope it passes there as well.

http://www.sanluisobispo.com/news/local/article161375423.html
5
 
LVL 6

Expert Comment

by:Brian Matis
Indeed... Huge loss to the community. Glad to see this being considered.
0
Let's recap what we learned from yesterday's Skyport Systems webinar.
1
On Demand Webinar: Networking for the Cloud Era
LVL 9
On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

2
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
> I looked that up.

Did Mikey like it too?  Did you find the beef as well?
0
 
LVL 16

Author Comment

by:Kyle Santos
shhuusshh you :D
0
Happy Snapshot Friday!

We found a snapshot on our Exchange Server this morning!

WARNING & REMINDER to ALL VMware Admins, Make Sure you regularly check your Virtual Machines for Evil Snapshots, after Backup Processes, which will cause performance issues, and make cause virtual machine outage if the datastore gets full, and VM will stop!

Don't know how to check for snapshots, which may be hidden check out my EE Article

HOW TO: VMware Snapshots :- Be Patient

If you are struggling don't forget to Post me a Question in the VMware Topic Area!
0
4
A look at what happened in the Verizon cloud breach.
4
 
LVL 16

Expert Comment

by:Kyle Santos
Comment Utility
I was able to do this easily last night by logging into my Verizon account online and going to settings to change the PIN.  I didn't even have to call customer service.
1
Yesterday, cyber resilience startup, UpGuard, issued a report that as many as 14 million U.S. Verizon customers have fallen victim to a hack that stole their names, addresses, account details, and PINs. The startup claims to have first notified Verizon on June 13th of the hack, citing a "misconfigured cloud-based file repository" as the cause.

In reply, Verizon has stated that there has been no loss or theft of customer information and that only 6 million customers may be at risk due to an informational cloud storage move where a third-party employee made external access available. Latest reports urge Verizon customers to update their Verizon PINs in order to safeguard their accounts.

Stay tuned for more information on what happened in this attack and how to safeguard your accounts.
5
First of all let me say that the only language that I speak is English, but in answering questions here I often come across people whose English skills are not the best and I’d like to be able to communicate better with them, and the following describes what I’ve done on occasion.
0

Experts Exchange

87

Solutions

301

Contributors

We connect you with people and information to solve problems, inspire learning and influence the future of technology.

Vendor Experts

Craig KehlerExperts Exchange
Kyle SantosExperts Exchange
Experts ExchangeExperts Exchange