2.4.5-pre1: Bogus ARP packets containing NFS file data? (2)

Frank van Maarseveen Tue, 15 May 2001 09:31:10 -0700

Got the image of 3 interesting packets by letting a modified tcpdump dump
the entire packet buffer in arp_print().

Original tcpdump output:
16:23:17.108993 P 0:60:97:ba:b4:f5 0:0:0:0:0:1 arp 1514: arp-#8192 for proto #1500 
(138) hardware #17664 (36)
16:23:17.809024 P 0:60:97:ba:b4:f5 0:0:0:0:0:1 arp 1514: arp-#8192 for proto #1500 
(139) hardware #17664 (36)
16:23:17.810256 P 0:60:97:ba:b4:f5 0:0:0:0:0:1 arp 1514: arp-#8377 for proto #1500 
(139) hardware #17664 (36)

strings 1.bin:
        espoo
        b0VIM 5.7
        espoo
        ~fvm/ctri/c_flow.c
        3210#"! 

strings 2.bin:
        espoo
        b0VIM 5.7
        espoo
        ~fvm/ctri/c_flow.c
        3210#"! 

strings 3.bin:



Corresponding packet data attached (note: not suitable for tcpdump -r anymore).

-- 
Frank

1.bin

2.bin

3.bin

2.4.5-pre1: Bogus ARP packets containing NFS file data? (2)

Reply via email to