Estoy haciendo un seguimiento a mi red y ha visto que uno de los equipos esta metiendo bastantes tramas como la que adjunto más abajo.
¿Alguien me puede descifrar que quiere decir?
Muchas Gracias.
Código HTML:
Announcement 908, Workstation, Server, Windows for Workgroups, Potential Browser, Windows 95 or above
Frame 302 (264 bytes on wire, 264 bytes captured)
Arrival Time: Jan 24, 2006 12:10:51.914112000
Time delta from previous packet: 0.013902000 seconds
Time since reference or first frame: 24.198623000 seconds
Frame Number: 302
Packet Length: 264 bytes
Capture Length: 264 bytes
Protocols in frame: eth:ip:udp:nbdgm:smb:browser
Ethernet II, Src: 00:60:94:1a:64:d3, Dst: ff:ff:ff:ff:ff:ff
Destination: ff:ff:ff:ff:ff:ff (Broadcast)
Source: 00:60:94:1a:64:d3 (Ibm_1a:64:d3)
Type: IP (0x0800)
Internet Protocol, Src Addr: 1.1.1.140 (1.1.1.140), Dst Addr: 1.1.255.255 (1.1.255.255)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 250
Identification: 0x2c14 (11284)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 32
Protocol: UDP (0x11)
Header checksum: 0x354d (correct)
Source: 1.1.1.140 (1.1.1.140)
Destination: 1.1.255.255 (1.1.255.255)
User Datagram Protocol, Src Port: netbios-dgm (138), Dst Port: netbios-dgm (138)
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 230
Checksum: 0x86bf (correct)
NetBIOS Datagram Service
Message Type: Direct_group datagram (17)
More fragments follow: No
This is first fragment: Yes
Node Type: B node (0)
Datagram ID: 0x0729
Source IP: 1.1.1.140 (1.1.1.140)
Source Port: 138
Datagram length: 208 bytes
Packet offset: 0 bytes
Source name: 908<00> (Workstation/Redirector)
Destination name: DLPALMA2<1d> (Local Master Browser)
SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
SMB Command: Trans (0x25)
Error Class: Success (0x00)
Reserved: 00
Error Code: No Error
Flags: 0x00
0... .... = Request/Response: Message is a request to the server
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized
.... 0... = Case Sensitivity: Path names are case sensitive
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0x0000
0... .... .... .... = Unicode Strings: Strings are ASCII
.0.. .... .... .... = Error Code Type: Error codes are DOS error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported
.... .... .0.. .... = Long Names Used: Path names in request are not long file names
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..0. = Extended Attributes: Extended attributes are not supported
.... .... .... ...0 = Long Names Allowed: Long file names are not allowed in the response
Process ID High: 0
Signature: 0000000000000000
Reserved: 0000
Tree ID: 0
Process ID: 0
User ID: 0
Multiplex ID: 0
Trans Request (0x25)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 54
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved: 00
Flags: 0x0000
Timeout: Return immediately (0)
Reserved: 0000
Parameter Count: 0
Parameter Offset: 0
Data Count: 54
Data Offset: 86
Setup Count: 3
Reserved: 00
Byte Count (BCC): 71
Transaction Name: \MAILSLOT\BROWSE
SMB MailSlot Protocol
Opcode: Write Mail Slot (1)
Priority: 1
Class: Unreliable & Broadcast (2)
Size: 71
Mailslot Name: \MAILSLOT\BROWSE
Microsoft Windows Browser Protocol
Command: Host Announcement (0x01)
Update Count: 15
Update Periodicity: 1 minute
Host Name: 908
OS Major Version: 4
OS Minor Version: 0
Server Type: 0x00412003
.... .... .... .... .... .... .... ...1 = Workstation: This is a Workstation
.... .... .... .... .... .... .... ..1. = Server: This is a Server
.... .... .... .... .... .... .... .0.. = SQL: This is NOT an SQL server
.... .... .... .... .... .... .... 0... = Domain Controller: This is NOT a Domain Controller
.... .... .... .... .... .... ...0 .... = Backup Controller: This is NOT a Backup Controller
.... .... .... .... .... .... ..0. .... = Time Source: This is NOT a Time Source
.... .... .... .... .... .... .0.. .... = Apple: This is NOT an Apple host
.... .... .... .... .... .... 0... .... = Novell: This is NOT a Novell server
.... .... .... .... .... ...0 .... .... = Member: This is NOT a Domain Member server
.... .... .... .... .... ..0. .... .... = Print: This is NOT a Print Queue server
.... .... .... .... .... .0.. .... .... = Dialin: This is NOT a Dialin server
.... .... .... .... .... 0... .... .... = Xenix: This is NOT a Xenix server
.... .... .... .... ...0 .... .... .... = NT Workstation: This is NOT an NT Workstation
.... .... .... .... ..1. .... .... .... = WfW: This is a WfW host
.... .... .... .... 0... .... .... .... = NT Server: This is NOT an NT Server
.... .... .... ...1 .... .... .... .... = Potential Browser: This is a Potential Browser
.... .... .... ..0. .... .... .... .... = Backup Browser: This is NOT a Backup Browser
.... .... .... .0.. .... .... .... .... = Master Browser: This is NOT a Master Browser
.... .... .... 0... .... .... .... .... = Domain Master Browser: This is NOT a Domain Master Browser
.... .... ...0 .... .... .... .... .... = OSF: This is NOT an OSF host
.... .... ..0. .... .... .... .... .... = VMS: This is NOT a VMS host
.... .... .1.. .... .... .... .... .... = Windows 95+: This is a Windows 95 or above host
.0.. .... .... .... .... .... .... .... = Local: This is NOT a local list only request
0... .... .... .... .... .... .... .... = Domain Enum: This is NOT a Domain Enum request
Browser Protocol Major Version: 21
Browser Protocol Minor Version: 4
Signature: 0xaa55
Host Comment: Terminal venta