Ask Your Question
0

Oracle DB request connection packets always identified as malformed

asked 2019-04-24 20:09:14 +0000

rm760 gravatar image

Every request connection packet captured on a host connecting to an Oracle database is identified as malformed. Oracle support is stating there is nothing wrong. Is there any better way to identify these packets through wireshark settings? Or are these truly malformed?

edit retag flag offensive close merge delete

Comments

Unfortunately it's likely that we'd need to see the capture to comment further. You can share the capture on a public file sharing service, e.g. Google Drive, DropBox etc, and then post a link to it by amending your question.

grahamb gravatar imagegrahamb ( 2019-04-24 20:24:33 +0000 )edit

Thanks for the reply. Below is a link to one of the pcaps https://drive.google.com/file/d/1eqvD...

rm760 gravatar imagerm760 ( 2019-04-24 20:44:30 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2019-04-24 21:09:03 +0000

grahamb gravatar image

I can confirm I also see the issue with the latest dev version of Wireshark. I suspect Oracle have "improved" the protocol, and the TNS dissector requires an update.

Please raise a bug report at the Wireshark Bugzilla, attaching your capture. You might want to filter the capture to only hold TNS traffic (tcp.port 1521).

edit flag offensive delete link more

Comments

I have raised the issue with the wire shark Bugzilla group. Thanks

rm760 gravatar imagerm760 ( 2019-04-24 21:27:22 +0000 )edit
grahamb gravatar imagegrahamb ( 2019-04-24 21:32:29 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-04-24 20:09:14 +0000

Seen: 352 times

Last updated: Apr 24