On Mit, 23 Okt 2002, Raymond Leach wrote:
Could be something like a smurf attack. A workstation pretending to be all the addresses on the network ....
Right, we have those "martian source" loggings on the external interface at our inner FW, too ;) But it also can come from the inner network, when you configure a machine on the same hub/switch with different Network-Adresses (eg: you have 192.168.0.0/24, but your normal network have 10.0.0.0/24) These times i cant see any security related problems at all - but any comments are welcome... Greetings, -- Jörg Henner Fon: +49 (7 11) 48 90 83 - 0 ETES - EDV-Systemhaus GbR Fax: +49 (7 11) 48 90 83 - 50 Libanonstrasse 58 A * D-70184 Stuttgart Web: http://www.etes.de