First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Unknown Xenix server, malformed packets, enterprise traffic on personal computer.

  • retag add tags

My computer acts weird when I am staying at my boyfriend's house. I have caught it connecting to chromecast destinations without my prompting and have found a lot of unknown traffic in Wireshark including enterprise network indicators from a personal device.

There were 2,000 expert information notes on my pcapng after 7 minutes of connection.

Do you see any red flags of being hacked in this connection? Is it normal for someone to have a secret at-home Xenix Dev server if they supposedly know nothing about networking or servers?

Scrubbed pcapng: https://1drv.ms/u/s!AlusbwXRtIdfgvclg...

drawer1232's avatar
1
drawer1232
asked 2022-04-06 06:48:02 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

"Xenix server" doesn't necessarily mean that the machine is running Xenix; it's just a flag in an (old) Microsoft protocol - the machine at 172.18.206.25 also claims to be an "NT server", and a "DFS server", which refers to an SMB protocol feature that was added to SMB well after Xenix was a dead operating system. It's also sending out MDNS messages, and MDNS is another protocol that came out after Xenix was dead.

172.18.206.25's MAC address is given with a prefix of "WesternD", so it's probably a machine made by Western Digital; they do make "Personal Cloud and Network Attached Storage" servers. That's probably what 172.18.206.25 is, so that traffic doesn't look suspicious.

Guy Harris's avatar
19.9k
Guy Harris
answered 2022-04-07 18:14:13 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer