search

mandiant / flare-fakenet-ng

FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Apache License 2.0
1.73k stars 357 forks source link

RawUDPListener Spam and Errors - Standard Windows Dev VM Setup + Fresh FlareVM Install #172

Open emtuls opened 7 months ago

emtuls commented 7 months ago

There seems to be A LOT of noise when starting up Fakenet on Windows 10 after a fresh install of FlareVM.

I don't believe this was the case before recent updates and I'm wondering if there is a way to filter this out? It takes up a large amount of room and makes it hard to determine what else is going on.

Also, this error was displayed a few times during startup of Fakenet:

12/07/23 08:32:05 PM [          Diverter] ERROR: Failed to send outbound external UDP packet
12/07/23 08:32:05 PM [    RawUDPListener]   0250: 6F 62 65 3E 3C 2F 73 6F 61 70 3A 42 6F 64 79 3E  obe></soap:Body>
12/07/23 08:32:05 PM [          Diverter]   UDP 239.255.255.250:3702->192.168.245.137:54525
12/07/23 08:32:05 PM [    RawUDPListener]   0250: 6F 62 65 3E 3C 2F 73 6F 61 70 3A 42 6F 64 79 3E  obe></soap:Body>
12/07/23 08:32:05 PM [    RawUDPListener]   0260: 3C 2F 73 6F 61 70 3A 45 6E 76 65 6C 6F 70 65 3E  </soap:Envelope>
12/07/23 08:32:05 PM [          Diverter]   [Error 1214] The format of the specified network name is invalid.
12/07/23 08:32:05 PM [    RawUDPListener]   0260: 3C 2F 73 6F 61 70 3A 45 6E 76 65 6C 6F 70 65 3E  </soap:Envelope>
12/07/23 08:32:05 PM [          Diverter] ERROR: Failed to send outbound external UDP packet
12/07/23 08:32:05 PM [          Diverter]   UDP 239.255.255.250:3702->192.168.245.137:54525
12/07/23 08:32:05 PM [          Diverter]   [Error 1214] The format of the specified network name is invalid.
12/07/23 08:32:20 PM [          Diverter] System (4) requested UDP 192.168.245.255:138

As well as:

    12/07/23 08:35:39 PM [          Diverter] svchost.exe (2252) requested UDP 224.0.0.251:5353
    12/07/23 08:35:39 PM [          Diverter] svchost.exe (2252) requested UDP 224.0.0.252:5355
    12/07/23 08:35:39 PM [        DNS Server] Received ANY request for domain 'DESKTOP-.local'.
    12/07/23 08:35:39 PM [        DNS Server] Received ANY request for domain 'DESKTOP-.local'.
    12/07/23 08:35:39 PM [          Diverter] ERROR: Failed to send outbound external UDP packet
    12/07/23 08:35:39 PM [          Diverter]   UDP 224.0.0.251:5353->192.168.245.137:5353
    12/07/23 08:35:39 PM [          Diverter]   [Error 1214] The format of the specified network name is invalid.
    12/07/23 08:35:39 PM [          Diverter] ERROR: Failed to send outbound external UDP packet
    12/07/23 08:35:39 PM [          Diverter]   UDP 224.0.0.251:5353->192.168.245.137:5353
    12/07/23 08:35:39 PM [          Diverter]   [Error 1214] The format of the specified network name is invalid.
    12/07/23 08:35:39 PM [          Diverter] System (4) requested UDP 192.168.245.255:137
    12/07/23 08:35:39 PM [          Diverter] svchost.exe (3836) requested UDP 239.255.255.250:1900
    12/07/23 08:35:40 PM [          Diverter] System (4) requested UDP 192.168.245.255:137