On Sat, Mar 30, 2002 at 08:51:27AM -0700, Joe Warner wrote: > Hi, > > I'm running FreeBSD 4.5-STABLE and I recently noticed some > unknown ARP activity on my Cable connection when I wasn't > running any programs or even logged into X. Hmmm... It wasn't April 1st when you sent this... [snip] > 03/30-07:43:32.868036 ARP who-has 12.254.196.198 tell 12.254.196.1 > > 03/30-07:43:41.390466 ARP who-has 12.254.196.215 tell 12.254.196.1 > > 03/30-07:43:44.665318 ARP who-has 12.254.196.215 tell 12.254.196.1 [snip a bunch more of these] Routers sending out ARPs for people's machines. Nothing odd. > 03/30-07:46:21.869285 0:30:80:6E:AC:8C -> FF:FF:FF:FF:FF:FF type:0x800 len:0x176 > 12.242.19.34:67 -> 255.255.255.255:68 UDP TTL:246 TOS:0x0 ID:15134 IpLen:20 DgmLen:360 DF > Len: 340 And a DHCP server broadcasting a DHCPOFFER. Totally normal. -- Crist J. Clark | cjclarkat_private | cjclarkat_private http://people.freebsd.org/~cjc/ | cjcat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Apr 01 2002 - 16:47:26 PST