Re: Why so many Out-of-Order packets

["Stefaan Pouseele" <stefaan.pouseele () skynet be>]

A good starting point is http://wiki.wireshark.org/FrontPage en specifically
the page http://wiki.wireshark.org/CaptureSetup/Ethernet. 

 

HTH, 

Stefaan

 

From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org] On Behalf Of Joe Brouillette
Sent: zondag 5 september 2010 0:10
To: 'wireshark-users () wireshark org'
Subject: [Wireshark-users] Why so many Out-of-Order packets

 

Hey all, I did a scan yesterday and I'm a little discouraged by what I'm
seeing. I did a quick scan that rounded up 85,541 packets and of those
packets 21,148 are Out-of-Order packets (expert.message == "Out-Of-Order
segment"). From what I can see several of the machines on my network are
producing these packets. Some of the protocols are TCP, HTTP, SMB, TDS and
DCERPC. I tried Googling this issue and saw that capturing packets from a
mirrored port can do this. Well, I'm connected to an HP 2610 switch so how
do I capture packets on my network without mirroring a port or ports? I'm
pretty new to packet sniffing so please keep advanced technical terms to a
minimum. Any help here would be greatly appreciated. 

 

Thanks,

 

Joe B

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe