Full Disclosure mailing list archives

Re: Strange ldap Behavior.


From: Valdis.Kletnieks () vt edu
Date: Tue, 18 May 2004 17:07:08 -0400

On Tue, 18 May 2004 18:54:36 +0200, "Soderland, Craig" <craig.soderland () sap com>  said:

Understood, but why would this system be trying to make a connection there? It
has no reason to be connecting and we just noticed it which raised a few
questions.

You're missing the point - if another machine on the subnet wants to talk to my
laptop, it sends to MAC address 00:06:5B:EB:39:7D (the docking station
interface) or to 00:02:2D:5C:11:48 (the wireless card).  The fact that 00:06:5B
is a Dell prefix doesn't mean that people are connecting to dell.com - they're
connecting to hardware MADE BY Dell.  Similarly, just because 00:02:2D belongs
to Agere Systems doesn't mean the connection is to the Netherlands, it's to
hardware made by a company that's in the Netherlands.

00:00:5E is registered to IANA - so I can make 2 conclusions:

1) You need to look to see where snoop found "DoD", because it's apparently
confused.
2) Somebody on your net has an odd MAC address (since IANA doesn't
make hardware...).

We'd really need to see more of the surrounding traffic in order to figure out
what's going on.
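
Added example, not part of the original message: a small Python classifier that reads a captured MAC address the way the reply does, as an identifier of the hardware registrant rather than a destination. The registrant table holds only the three prefixes named above; the VRRP prefixes (RFC 5798), the flag-bit checks, the handling of octets printed without leading zeros, and the constructed sample addresses are assumptions added for illustration.

```python
import re

# Registrants named in the message; a real tool would load the IEEE registry.
OUI_REGISTRANTS = {"00:06:5B": "Dell", "00:02:2D": "Agere Systems", "00:00:5E": "IANA"}

# Not from the message: RFC 5798 reserves these IANA-block prefixes for VRRP
# virtual routers; the last octet is the virtual router ID (VRID).
VRRP_PREFIXES = {"00:00:5E:00:01": "VRRP IPv4", "00:00:5E:00:02": "VRRP IPv6"}

def normalize(mac):
    """Return AA:BB:CC:DD:EE:FF, accepting '-' separators and unpadded octets."""
    parts = re.split(r"[:-]", mac.strip())
    if len(parts) == 1 and len(parts[0]) == 12:      # bare hex, no separators
        parts = re.findall("..", parts[0])
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{1,2}", p) for p in parts):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(p.upper().zfill(2) for p in parts)

def describe(mac):
    """Classify a MAC: registrant of its OUI, flag bits, and any reserved use."""
    norm = normalize(mac)
    first = int(norm[:2], 16)
    info = {
        "mac": norm,
        "oui": norm[:8],
        "registrant": OUI_REGISTRANTS.get(norm[:8], "unknown (not in sample table)"),
        "group": bool(first & 0x01),                 # multicast/broadcast bit
        "locally_administered": bool(first & 0x02),  # set by software, not a vendor
        "note": None,
    }
    if info["locally_administered"]:
        info["registrant"] = "n/a (locally administered, OUI is meaningless)"
    use = VRRP_PREFIXES.get(norm[:14])
    if use:
        info["note"] = f"{use} virtual router, VRID {int(norm[15:], 16)}"
    return info

if __name__ == "__main__":
    samples = [
        "00:06:5B:EB:39:7D",   # from the message (docking station)
        "00:02:2D:5C:11:48",   # from the message (wireless card)
        "0:0:5e:0:1:2a",       # constructed: IANA block, unpadded octets
        "02:00:00:AA:BB:CC",   # constructed: locally administered
    ]
    for s in samples:
        print(describe(s))
```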
