Re: un-hibernating laptop using old network settings

[Curt Wilson <netw3 () netw3 com>]

This might be off base, but perhaps the system used 
ICMP router discovery protocol (IRDP) to find your gateway?
We've got several systems in our network that receive
a dynamic IP address when making a secure connection to
a financial providers data network. These systems don't have
a gateway specified on their ethernet interface and snort
picks up frequent IRDP router discovery messages from this
box as well as systems on the local segment that don't have
a default gateway set (since they don't need to see anything
but the local segment anyway).

Just an idea.

CW



At 10:09 PM 7/1/2001 -0700, Andrew Daviel wrote:
> It seems the laptop was placed in hibernate mode at
> the other site then awakened on our network. It proceeded to use in-RAM
> network settings and sent a flurry of DNS requests to offsite servers.
> I believe it was running DHCP and don't fully understand how it was
> able to find the new gateway without changing the DNS settings too.



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Curt R. Wilson   *   Netw3 Consulting  *   www.netw3.com    |
|    Internet Security, Networking, PC tech,  WWW hosting     |
| Netw3 Security Reading Room : www.netw3.com/documents.html  |
|  Serving Southern Illinois locally and the world virtually  |  
|            netw3 () netw3 com     618-303-NET3                 |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=