How to find the device accessing these links: _companion-link._tcp.local and lb._dns-sd._udp.local

asked 2022-01-29 21:34:52 +0000

Vtechie

updated 2022-01-29 22:30:40 +0000

grahamb

I see these links a lot in Wireshark. I know it has something to do with Multicast DNS. I know that it is a 224.0.0.251 or whatever that number gets changed to somehow. I would really like to know who is getting the multicast.
This is my iPhone and the protocol says it is Ethernet, but my iPhone is wireless. My computer does not access my iPhone or vice versa.

I am not running any Bluetooth or AirPlay items that I am aware of. I'm looking for a close-by hacking possible remote into my iPhone and everything else.

This was all bunched together before I came back and edited this by putting some spaces in it.

Thank you,

Vicky71

Example:

Frame 24968: 120 bytes on wire, 120 bytes captured on interface \Device\NPF_{8E1FB03D-}, id 0
    Interface id: 0 (\Device\NPF_{8E1FB03D})
        Interface name: \Device\NPF_{8E1FB03D}
        Interface description: TODAY IS A MIRACLE
    Encapsulation type: Ethernet (1)
    Arrival Time: Jan 29, 2022 14:16:47.326470000 Central Standard Time
    [Time shift for this packet: 0.000000000 seconds]
    [Time delta from previous captured frame: 0.127771000 seconds]
    [Time delta from previous displayed frame: 26.452399000 seconds]
    [Time since reference or first frame: 956.857961000 seconds]
    Frame Number: 24968
    Frame Length: 120 bytes (960 bits)
    Capture Length: 120 bytes (960 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:udp:mdns]
    [Coloring Rule Name: UDP]
    [Coloring Rule String: udp]

Ethernet II, Src:00:00:00:00:00:02  (00:00:00:00:00:02 ), Dst: IPv4mcast_fb (01:00:5e:00:00:fb)

    Destination: IPv4mcast_fb (01:00:5e:00:00:fb)
        <[Destination (resolved): IPv4mcast_fb]>
        <[Destination OUI: 01:00:5e]>
        Address: IPv4mcast_fb (01:00:5e:00:00:fb)
        <[Address (resolved): IPv4mcast_fb]>
        <[Address OUI: 01:00:5e]>

        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        <.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)>
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
        <.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)>

    Source: 00:00:00:00:00:02 (00:00:00:00:00:02)
        <[Source (resolved): 00:00:00:00:00:02 ]>
        <[Source OUI: 00:00:64]>
        Address: 00:00:00:00:00:02 (00:00:00:00:00:02)
        <[Address (resolved): 00:00:00:00:00:02]>
        <[Address OUI: 00:00:00]>

        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        <.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)>
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
        <.... ...0 .... .... .... .... = IG bit: Individual address (unicast)>

    Type: IPv4 (0x0800)
    Frame check sequence: 0x5456c022 incorrect, should be 0x6400d901
        [Expert Info (Error/Checksum): Bad checksum [should be 0x6400d901]]
            [Bad checksum [should be 0x6400d901]]
            <Message: Bad checksum [should be 0x6400d901]>
            [Severity level: Error]
            [Group: Checksum]
    [FCS Status: Bad]

Internet Protocol Version 4, Src: 192.168.50.127 (192.168.50.127), Dst: 224.0 ...

Comments

Do you have an Apple TV? These are broadcasts normally sent by such a device.

grahamb ( 2022-01-30 16:45:34 +0000 )

No, I do not have an Apple TV.

Vtechie ( 2022-02-20 21:44:08 +0000 )

Any other Apple devices?

grahamb ( 2022-02-20 22:14:12 +0000 )

I have an iPhone 6s that I am not signed into. It has basic Apple apps from 2016 and an app I use for security recording to the cloud of this app for security purposes.

Vtechie ( 2022-03-31 02:26:43 +0000 )