Ask Your Question
0

Is this source malicious?

asked 2018-04-09 15:42:24 +0000

screen_name gravatar image

Hello! I am new to Wireshark and I am still wrapping my hands around it and I am trying to understand it. So, I started to analyze my wi-fi and one thing keeps coming up: <sercomm> as a source and <broadcast> as a destination. The protocol in use is ARP. Is this anything to be concerned about? I am new to this so I don't know what it could be, I tried to search for it on the internet but I didn't find any similar problem. I am also wondering is it malicious maybe?

Thank you for your help guys!

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
2

answered 2018-04-09 16:14:43 +0000

cmaynard gravatar image

updated 2018-04-09 18:18:38 +0000

Guy Harris gravatar image

It's not malicious; it's just normal ARP traffic you'll find on any IPv4 network. The host with the Sercomm Corporation OUI (D4-21-22) is attempting to find out which host has a particular IP address, and this is the mechanism by which it accomplishes that.

See also: the Wikipedia article on ARP.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-04-09 15:42:24 +0000

Seen: 566 times

Last updated: Apr 09 '18