Date: Sun, 18 Jan 2004 11:07:32 -0500 From: Patrick Muldoon <doon@inoc.net> To: Maciej Cetler <airot@lazir.toya.net.pl>, Spades <spades@galaxynet.org> Cc: freebsd-security@freebsd.org Subject: Re: arp problem in /var/log/messages Message-ID: <200401181107.36732.doon@inoc.net> In-Reply-To: <20040118153512.GA23872@lazir.toya.net.pl> References: <09bd01c3ddbc$9f829070$fa10fea9@bryanuptrvb0jc> <20040118153512.GA23872@lazir.toya.net.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_I9qCAn0XlpFD6SV Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline On Sunday 18 January 2004 10:35 am, Maciej Cetler wrote: > On Sun, Jan 18, 2004 at 08:14:29PM +0800, Spades wrote: > > hi all, i got flooded by these msgs like 1000+ lines, any idea? > > my kernel is dated Nov-30 FreeBSD 4.9-stable > > > > # tail -f /var/log/messages > > Jan 18 19:43:23 xb /kernel: arp: 202.79.180.1 moved from > > 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 > > Jan 18 19:45:06 xb /kernel: arp: 202.79.180.1 moved from > > 00:50:0f:4f:c0:00 to 00:04:5a:49:eb:74 on rl0 > > Jan 18 19:45:18 xb /kernel: arp: 202.79.180.1 moved from > > 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 > > Jan 18 19:45:41 xb /kernel: arp: 202.79.180.1 moved from > > 00:50:0f:4f:c0:00 to 00:04:5a:49:eb:74 on rl0 > > Jan 18 19:45:45 xb /kernel: arp: 202.79.180.1 moved from > > 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 > > looks like someone is using tools like ettercap. > > airot is .1 your gateway? =20 00:50:0f is a Cisco Adaptor 00:04:5a is a linksys Adaptor What type of network are you on? IE is this your network? or is a say a=20 cablemodem network? =20 check out http://www.dslreports.com/forum/remark,8225369~mode=3Dflat, which= is=20 basically about this same issue and perhaps might shed some light on the=20 problem. =20 If they where both Cisco Nic's it could be HSRP? Hope that helps, =2DPatrick =2D-=20 Patrick Muldoon Network/Software Engineer INOC (http://www.inoc.net) PGPKEY (http://www.inoc.net/~doon) Key ID: 0x370D752C micro$oft: "where do you want to go today?"=20 linux: "where do you want to go tomorrow?"=20 BSD: "are you guys coming, or what?" --Boundary-02=_I9qCAn0XlpFD6SV Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBACq9IYGp9wTcNdSwRAmh9AJ9EAamCOsFqLjpdJRQ0foAhOtJVxwCeLmkh qrrrc21gDWCygqBqfCT0174= =QxzU -----END PGP SIGNATURE----- --Boundary-02=_I9qCAn0XlpFD6SV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401181107.36732.doon>