Revision history
Why is Mikrotik router using DRDA protocol?
Hello, I am seeing a lot of traffic on protocol DRDA between my router (10.10.10.1) and laptop (10.10.10.254)
Any idea what this is? I have searched and cannot find much, all I found is linked at the bottom
I am using a Mikrotik hEX RB750Gr3 running router OS version 6.49.10 (stable)
The other day I also noticed TDS / TDS5 packets going between the router and laptop (but very few, like 1 or 2 at a time very infrequently)
Link1: https://thenetworkguy.typepad.com/nau/2009/06/drda-unraveling-the-db2-decodes.html Here you'll see the Info column usually has info, all of mine are Unknown
Link2: https://gitlab.com/wireshark/wireshark/-/issues/18952 Here again something other than Unknown in the info column.
See screenshot here: https://ibb.co/vxZmj6C
UPDATE: Thanks to Chuckc for the helpful posts. I disabled DRDA in the list of enabled protocols and now Wireshark decodes the packets as TCP, so it looks like it was a case of it incorrectly seeing these packets as DRDA.
Why is Mikrotik router using DRDA protocol?
Hello, I am seeing a lot of traffic on protocol DRDA between my router (10.10.10.1) and laptop (10.10.10.254)
Any idea what this is? I have searched and cannot find much, all I found is linked at the bottom. Any help would be appreciated.
I am using a Mikrotik hEX RB750Gr3 running router OS version 6.49.10 (stable)
Here is everything I have found relating to Wireshark and DRDA but I can't find anything from Mikrotik - can someone please confirm if a standard Mikrotik device should be communicating using this protocol or if this likely indicates that my router's software has been compromised?
The other day I also noticed TDS / TDS5 packets going between the router and laptop (but very few, like 1 or 2 at a time very infrequently)
Link1: https://thenetworkguy.typepad.com/nau/2 ... codes.html Here you'll see the Info column usually has info, all of mine are Unknown
Link2: https://gitlab.com/wireshark/wireshark/-/issues/18952 Here again something other than Unknown in the info column.
See screenshot here: https://ibb.co/vxZmj6C