Security Basics mailing list archives
RE: weird
From: "Day, David" <david.day () zimmer com>
Date: Tue, 24 Feb 2004 12:02:44 -0600
to really stick out. I'm not an expert, so the only thing that I know that will do the same thing is flooding the network with ramdom MAC addresses. Or maybe a major arp flooding or something. I haven't
We had an SGI server that was spewing macs and flooding the address table. I watched mac entries on a port basis and found the link back to the server. After a bit we received a patched driver from the vendor. In our case traffic patterns were normal (no jabber or similar indicators) so my tool was the switch cli. David --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: weird, (continued)
- Re: weird Byron Sonne (Feb 24)
- Re: weird Aaron Keck (Feb 24)
- Re: weird sunflower (Feb 25)
- Re: weird Secdigital (Feb 24)
- Re: weird Michael Gale (Feb 25)
- Re: weird H Carvey (Feb 24)
- RE: weird Hagen, Eric (Feb 24)
- RE: weird jeff . frost (Feb 24)
- Re: weird Cesar Osorio (Feb 24)
- Re: weird kenzo (Feb 24)
- RE: weird Day, David (Feb 25)
- RE: weird MARTIN M. Bénoni (Feb 25)