|
Security Incidents
mailing list archives
against illegal arp update
From: "SB CH" <chulmin2 () hotmail com>
Date: Mon, 10 Mar 2003 09:04:36 +0000
Hello, all.
Today someone(I don't know who) which use same network(/20), has updated
our arp information into non-existent mac information. so I can't connect
toward the server.
the number of the servers which can't connect are so high, so I can't set
all ips into mac at the router or switch.
Surely, I use arpwatch. But I can't find any information about it.
I know that one can fake his ip and update illegal arp information against
some ip which is a same network.
Is it a virus or illegal attack?
How can I solve this incident?
Thanks in advance.
_________________________________________________________________
고.. 감.. 도.. 사.. 랑.. 만.. 들.. 기.. MSN 러브
http://www.msn.co.kr/love/
----------------------------------------------------------------------------
<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>
 By Date 
By Thread
Current thread:
- against illegal arp update SB CH (Mar 10)
|
Intro
