Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: Problem with reading packets in LLC protocol encryption / encoding - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Problem with reading packets in LLC protocol encryption / encoding
Hi,

Im using an IP based messaging app called netcat on linux terminal. I can send messages directly to a computers IP and receive back in a way its not encrypted, as shown below:
https://s24.postimg.org/75dld4rol/packet_149.jpg

but when Im sniffing the packets from a third computer ( on my own WLAN ) im getting them in LLC protocol instead of TCP and I cant see the data (I think its encrypted or scrambled ) as shown below:
https://s24.postimg.org/6rc9dj7l1/all_packets.jpg
https://s28.postimg.org/nzqlo28f1/withoutarp.jpg

Any idea whats the problem? or how can I extract the data? I tried ASCII, UNICODE and Hex translation to string nothing worked.

Here is the Hex pcap file for wireshark on GoogleDrive, I hope someone could help me with this issue.
https://drive.google.com/open?id=0B4dE5ujOQI6RdENRclc0TDhlNzA
Anonymous

Sign Up for Free or Log In to start participating in the conversation!