my _guess_ is that these messages you are looking at are normally
smaller than the networks minimum message size, and instead of doing
somethng "secure" to pad them out to the "right" minimum length, the
NIC's involved are just using random data from a prior packet.
you will notice that your IP len's are 40 wherease the ethernet packet
length is 60 - 60 is the minimum ethernet macket size (irrc).
rick jones
--
ftp://ftp.cup.hp.com/dist/networking/misc/rachel/
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to email, OR post, but please do NOT do BOTH...
my email address is raj in the cup.hp.com domain...
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
