First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Is this source malicious?

Hello! I am new to Wireshark and I am still wrapping my hands around it and I am trying to understand it. So, I started to analyze my wi-fi and one thing keeps coming up: <sercomm> as a source and <broadcast> as a destination. The protocol in use is ARP. Is this anything to be concerned about? I am new to this so I don't know what it could be, I tried to search for it on the internet but I didn't find any similar problem. I am also wondering is it malicious maybe?

Thank you for your help guys!

screen_name's avatar
1
screen_name
asked 2018-04-09 15:42:24 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

2

It's not malicious; it's just normal ARP traffic you'll find on any IPv4 network. The host with the Sercomm Corporation OUI (D4-21-22) is attempting to find out which host has a particular IP address, and this is the mechanism by which it accomplishes that.

See also: the Wikipedia article on ARP.

cmaynard's avatar
11.1k
cmaynard
answered 2018-04-09 16:14:43 +0000
Guy Harris's avatar
19.9k
Guy Harris
updated 2018-04-09 18:18:38 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer