Date: Mon, 19 Jul 1999 21:59:55 -0400 (EDT) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: wayne@crb-web.com Cc: freebsd-questions@FreeBSD.ORG Subject: Re: what is this arp message?? Message-ID: <199907200159.VAA01321@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <Pine.LNX.3.95.990718224610.7186A-100000@crb.crb-web.com> from Wayne Cuddy at "Jul 18, 99 10:48:41 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Wayne Cuddy wrote, > Jul 18 21:57:51 wc2 /kernel.fw: arp: 00:60:3e:07:90:80 attempts to modify > permanent entry for 207.196.43.1 on ed0 > > > There doesn't appear to be anything wrong with network operation... Are these > serious errors/warnings? That depends. Looks like a machine somewhere thinks its interface with Ethernet address 00:60:3e:07:90:80 has an IP address of 207.196.43.1. However, your machine wc2 has a permanent entry in its ARP table for 207.196.43.1 that is different (lemme guess,207.196.43.1 is [one of] wc2's interface[s]). If all seems well and this is an innocent misconfiguration, the problem _might_ be serious. Other machines may be more confused and the machine erroniously claiming to own 207.196.43.1 is definiately confused. This should be fixed. If this is a malicious attack, i.e. someone is trying to masquerade as one of your machines, this could be serious and needs immediate investigation. -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907200159.VAA01321>