Ask Your Question
0

How to determine which processes are sending CLDAP Protocol to DST Port 389

asked 2018-06-06 13:21:07 +0000

this post is marked as community wiki

This post is a wiki. Anyone with karma >750 is welcome to improve it.

Hello ,

I have a number of servers sending LDPA queries to a domain controller ( servers was mounted in an envirement with another envirement templates after unjoin and join to new domain) , when i Try to snif the traffic from one server using wireshark,i found that queries sent to destination with CLDAP and TCP Protocoles . How to determine with apps are involved and any information related to this issue

Thank You

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-06-06 15:45:12 +0000

grahamb gravatar image

Wireshark (currently) is unable to show the process sending packets.

You might try MS Message Analyzer which can display the process info.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2018-06-06 13:21:07 +0000

Seen: 815 times

Last updated: Jun 06 '18

Related questions

Why there is port mismatch in tcp and http header for port 51006. Also why the netstat in server do not shows connections under port 51006 even traffic is coming to this port.

Localhost capturing

Port Unreachable

How to capture UDP traffic and not NBNS traffic?

No HTTP protocols in scan results

SCCP on tcp port 2005 ?

How to observe Message Session Relay Protocol packets

Seeking explanation on bytes count in 'Protocol hierarchy'

How are FTP ports decided ?

I cannot enter a filter for tcp port 61883. What is so special about this number?

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2