i am seeing ENTTEC HEAD unknown so what basically ENTTEC IS :---- BELOW I S THE IMAGE asked 26 Nov '14, 23:39  Manish Rajput |
One Answer:
It's an indication that the dissector for ENTTEC's DMX on Ethernet protocol needs to be fixed so that TCP packets that happen to use the same port number as that protocol, but that don't appear to be DMX-on-Ethernet packets, don't get dissected as DMX-on-Ethernet packets. Unlike, for example, Ethernet type values, TCP and UDP ports are not guaranteed to be reliable indications of the protocol being used, so there's always the chance that Wireshark will misidentify protocols running on top of TCP or UDP. There are ways in which "false positives", such as identifying traffic to or from port 3333 as DMX-on-Ethernet packets, can be reduced. Please file a bug on this at the Wireshark Bugzilla, so we can keep track of it. answered 27 Nov '14, 11:51  Guy Harris ♦♦ |
