This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

What is commplex-main

0

I am learning computer networking. When I started using Wireshark to capture packets on my wireless card, I noticed the following entries:

39 15.453128 169.254.1.127 169.254.1.255 UDP Source port: 43292  Destination port: commplex-main
40 16.989062 169.254.1.107 169.254.1.255 UDP Source port: intecom-ps1  Destination port: commplex-main
41 20.070231 169.254.1.107  255.255.255.255 UDP Source port: 21302  Destination port: 21302

What do the above entries resemble?

asked 21 Apr '12, 18:33

Tech2010's gravatar image

Tech2010
1111
accept rate: 0%

edited 21 Apr '12, 23:34

grahamb's gravatar image

grahamb ♦
19.8k330206

One Answer:

1

This is port 5000. You have transport name resolution turned on, so Wireshark is displaying a service name instead of port number. For example "http" instead of "80", or in this case "commplex-main" instead of "5000". The port-number-to-service-name mappings are found in Wireshark's services file. I did some Googling, but was unable to find out exactly what commplex-main is. However, there are actually multiple services that commonly run over port 5000. "commplex-main" is the service name associated with port 5000 in the services file, but this traffic could be some other service; all this tells you is that it's running on port 5000. If this is a Windows computer, the traffic is more likely to be UPnP.

answered 21 Apr '12, 20:42

Jim%20Aragon's gravatar image

Jim Aragon
7.2k733118
accept rate: 24%