我在 MAC 访问列表中发现了一个被阻止的 MAC 地址 (00-1A-B6-00-64-00),禁用 MAC 过滤后,在 Wireshark 中显示了以下详细信息:
Frame 112389: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits) on interface 0
Ethernet II, Src: TexasIns_00:64:00 (00:1a:b6:00:64:00), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 0
Transaction ID: 0x21c6e068
Seconds elapsed: 30831
Bootp flags: 0x0000 (Unicast)
Client IP address: 0.0.0.0
Your (client) IP address: 0.0.0.0
Next server IP address: 0.0.0.0
Relay agent IP address: 0.0.0.0
Client MAC address: TexasIns_00:64:00 (00:1a:b6:00:64:00)
Client hardware address padding: 00000000000000000000
Server host name: stellaris
Boot file name not given
Bootp vendor specific options: 000000000000000000000000000000000000000000000000...
我搜索了一下TexasIns_00,发现这个设备是一个USB数据包嗅探器。
你认为这是真的吗?
答案1
实际上,TexasIns 只是 Wireshark 对所谓 OUI(组织唯一标识符)的解释,它是每个制造商独有的 MAC 地址的前三个字节...在这种情况下,它是德州仪器的 OUI(00:1a:b6),所以没有什么可担心的。
欲了解更多信息,请参阅https://www.wireshark.org/tools/oui-lookup.html
问候,莫