[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[afnog] [Fwd: mail.one2net.co.ug security run output]



Got this in my logs... I can't seem to trace the renegade MAC address.
Any reason this would happen the 216.250.215.15 should be a broadcast
for one of my small services shouldn't it? Any clues on how to debug
this?


-----Forwarded Message-----

From: Charlie Root <root at mail.one2net.co.ug>
To: root at mail.one2net.co.ug
Subject: mail.one2net.co.ug security run output
Date: 19 Aug 2003 03:01:03 +0300
<snip>

mail.one2net.co.ug kernel log messages:
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0
> arp: 00:50:ba:8c:57:e1 attempts to modify permanent entry for 216.250.215.15 on rl0

mail.one2net.co.ug login failures:

mail.one2net.co.ug refused connections:

-- End of security output --
 
the commands below give...

mail# arp -a

? (216.250.215.9) at 00:d0:ba:58:ee:e0 on rl0 [ethernet]
ns.one2net.co.ug (216.250.215.10) at 00:50:ba:85:ca:82 on rl0 [ethernet]
? (216.250.215.15) at ff:ff:ff:ff:ff:ff on rl0 permanent [ethernet]

mail# netstat -rn

Routing tables
                                                                                                            
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            216.250.215.9      UGSc       15     3424    rl0
127.0.0.1          127.0.0.1          UH          0    45082    lo0
216.250.215.8/29   link#1             UC          3        0    rl0
216.250.215.9      00:d0:ba:58:ee:e0  UHLW       16        0    rl0    617
216.250.215.10     00:50:ba:85:ca:82  UHLW        0      228    rl0   1191
216.250.215.15     ff:ff:ff:ff:ff:ff  UHLWb       0       22    rl0
                          

__________________________________________________
This is the Africa Network Operators' Group(AfNOG) 
technical discussion list.
The AfNOG website is: <http://www.afnog.org>