Security Incidents mailing list archives

Strange traffic ....

From: Elie De Brauwer <dahelios () pandora be>
Date: Sat, 22 Sep 2001 09:25:02 +0200

When i booted my firewall today, (OpenBSD machine hooked up using an cable 
modem), i saw strange traffic on my cable modem (blinking RD lights while i 
knew no traffic was coming in ....). So I logged in and ran TCPdump ... below 
are the result can anyone explain these ... ? My IP is 213.224.1xx.xxx ....

11:20:54.626314 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:20:56.686464 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:20:58.238345 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:21:00.808768 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:21:02.879542 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:21:04.290517 arp who-has 213.224.100.255 tell D5E06401.kabel.telenet.be
11:21:04.830205 arp who-has D5E06403.kabel.telenet.be tell 
D5E06401.kabel.telenet.be

-- 
<=================>
    Elie De Brauwer 

  www.de-brauwer.be
  elie () de-brauwer be
<=================>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Strange traffic .... Elie De Brauwer (Sep 22)
- Re: Strange traffic .... Paul Gear (Sep 23)
- Re: Strange traffic .... John Sage (Sep 23)
  - Re: Strange traffic .... (final) Elie De Brauwer (Sep 24)