I have a Windows 95 machine that is putting a lot of frames like the one shown below onto the network.
Apart from this machine, I have 10 other machines with the same OS, software and permissions, used for the same purpose, and they generate none of this traffic.
Could you decode this frame for me? Thanks.
HTML code:
No. Time Source Destination Protocol Info
13765 569.652529 1.2.3.140 1.2.255.255 BROWSER Browser Election Request
Frame 13765 (228 bytes on wire, 228 bytes captured)
Arrival Time: Feb 6, 2006 10:10:44.618439000
Time delta from previous packet: 0.928928000 seconds
Time since reference or first frame: 569.652529000 seconds
Frame Number: 13765
Packet Length: 228 bytes
Capture Length: 228 bytes
Protocols in frame: eth:ip:udp:nbdgm:smb:browser
Ethernet II, Src: 00:60:94:1a:64:d3, Dst: ff:ff:ff:ff:ff:ff
Destination: ff:ff:ff:ff:ff:ff (Broadcast)
Source: 00:60:94:1a:64:d3 (Ibm_1a:64:d3)
Type: IP (0x0800)
Internet Protocol, Src Addr: 1.2.3.140 (1.2.3.140), Dst Addr: 1.2.255.255 (1.2.255.255)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 214
Identification: 0x571c (22300)
Flags: 0x00
Fragment offset: 0
Time to live: 32
Protocol: UDP (0x11)
Header checksum: 0x0a69 (correct)
Source: 1.2.3.140 (1.2.3.140)
Destination: 1.2.255.255 (1.2.255.255)
User Datagram Protocol, Src Port: netbios-dgm (138), Dst Port: netbios-dgm (138)
Source port: netbios-dgm (138)
Destination port: netbios-dgm (138)
Length: 194
Checksum: 0xdaf4 (correct)
NetBIOS Datagram Service
Message Type: Direct_group datagram (17)
More fragments follow: No
This is first fragment: Yes
Node Type: B node (0)
Datagram ID: 0x03b1
Source IP: 1.2.3.140 (1.2.3.140)
Source Port: 138
Datagram length: 172 bytes
Packet offset: 0 bytes
Source name: 908<20> (Server service)
Destination name: SERVIDO1<1e> (Browser Election Service)
SMB (Server Message Block Protocol)
SMB Header
Server Component: SMB
SMB Command: Trans (0x25)
Error Class: Success (0x00)
Reserved: 00
Error Code: No Error
Flags: 0x00
0... .... = Request/Response: Message is a request to the server
.0.. .... = Notify: Notify client only on open
..0. .... = Oplocks: OpLock not requested/granted
...0 .... = Canonicalized Pathnames: Pathnames are not canonicalized
.... 0... = Case Sensitivity: Path names are case sensitive
.... ..0. = Receive Buffer Posted: Receive buffer has not been posted
.... ...0 = Lock and Read: Lock&Read, Write&Unlock are not supported
Flags2: 0x0000
0... .... .... .... = Unicode Strings: Strings are ASCII
.0.. .... .... .... = Error Code Type: Error codes are DOS error codes
..0. .... .... .... = Execute-only Reads: Don't permit reads if execute-only
...0 .... .... .... = Dfs: Don't resolve pathnames with Dfs
.... 0... .... .... = Extended Security Negotiation: Extended security negotiation is not supported
.... .... .0.. .... = Long Names Used: Path names in request are not long file names
.... .... .... .0.. = Security Signatures: Security signatures are not supported
.... .... .... ..0. = Extended Attributes: Extended attributes are not supported
.... .... .... ...0 = Long Names Allowed: Long file names are not allowed in the response
Process ID High: 0
Signature: 0000000000000000
Reserved: 0000
Tree ID: 0
Process ID: 0
User ID: 0
Multiplex ID: 0
Trans Request (0x25)
Word Count (WCT): 17
Total Parameter Count: 0
Total Data Count: 18
Max Parameter Count: 0
Max Data Count: 0
Max Setup Count: 0
Reserved: 00
Flags: 0x0000
.... .... .... ..0. = One Way Transaction: Two way transaction
.... .... .... ...0 = Disconnect TID: Do NOT disconnect TID
Timeout: Return immediately (0)
Reserved: 0000
Parameter Count: 0
Parameter Offset: 0
Data Count: 18
Data Offset: 86
Setup Count: 3
Reserved: 00
Byte Count (BCC): 35
Transaction Name: \MAILSLOT\BROWSE
SMB MailSlot Protocol
Opcode: Write Mail Slot (1)
Priority: 1
Class: Unreliable & Broadcast (2)
Size: 35
Mailslot Name: \MAILSLOT\BROWSE
Microsoft Windows Browser Protocol
Command: Browser Election Request (0x08)
Election Version: 1
Election Criteria: 0x00000000
Election Desire: 0x00
.... ...0 = Backup: NOT Backup Browse Server
.... ..0. = Standby: NOT Standby Browse Server
.... .0.. = Master: NOT Master Browser
.... 0... = Domain Master: NOT Domain Master Browse Server
..0. .... = WINS: NOT WINS Client
0... .... = NT: NOT Windows NT Advanced Server
Browser Protocol Major Version: 0
Browser Protocol Minor Version: 0
Election OS: 0x00
.... ...0 = WfW: Not Windows for Workgroups
...0 .... = NT Workstation: Not Windows NT Workstation
..0. .... = NT Server: Not Windows NT Server
Uptime: 0 time
Server Name: 908