[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Security problem?
- From: "Chris L. Mason" <cmason_(_at_)_unixzone_(_dot_)_com>
- Date: Thu, 5 Oct 2000 10:59:26 -0400
I keep seeing lines like this showing up on my console and in the logs:
arp: attempt to overwrite entry for 10.1.1.2 on de0 by xx:xx:xx:xx:xx:xx on ne0
The 10.1.1.0/24 network is my internal network. 10.1.1.1 is my firewall
and 10.1.1.2 is a desktop Linux system. de0 is the interface to the
internal network and ne0 is the interface connected to the Internet via a
So, is this some kind of attack, or just the result of other home users
with misconfigured systems that are leaking internal address? Note that
I'm using ipf with very strict rules, and a default deny policy.
Visit your host, monkey.org