[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security problem?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Security problem?
From: "Chris L. Mason" <cmason_(_at_)_unixzone_(_dot_)_com>
Date: Thu, 5 Oct 2000 10:59:26 -0400

Hi,

I keep seeing lines like this showing up on my console and in the logs:

arp: attempt to overwrite entry for 10.1.1.2 on de0 by xx:xx:xx:xx:xx:xx on ne0

The 10.1.1.0/24 network is my internal network.  10.1.1.1 is my firewall
and 10.1.1.2 is a desktop Linux system.  de0 is the interface to the
internal network and ne0 is the interface connected to the Internet via a
cable modem.

So, is this some kind of attack, or just the result of other home users
with misconfigured systems that are leaking internal address?  Note that
I'm using ipf with very strict rules, and a default deny policy.

Thanks,


Chris

Prev by Date: Re: PPPoE problems
Next by Date: Using sendmail w/ username & password?
Previous by thread: Re: IDS Systems
Next by thread: Re: Security problem?
Index(es):
- Date
- Thread

Visit your host, monkey.org