From owner-freebsd-security  Mon Mar  8 15: 8:19 1999
Delivered-To: freebsd-security@freebsd.org
Received: from puck.nether.net (puck.nether.net [204.42.254.5])
	by hub.freebsd.org (Postfix) with ESMTP id 9ECEB14FE5
	for <freebsd-security@FreeBSD.ORG>; Mon,  8 Mar 1999 15:08:14 -0800 (PST)
	(envelope-from jared@puck.nether.net)
Received: (from jared@localhost)
	by puck.nether.net (8.9.2/8.7.3) id SAA27032;
	Mon, 8 Mar 1999 18:08:13 -0500 (EST)
	(envelope-from jared)
Date: Mon, 8 Mar 1999 18:08:13 -0500
From: Jared Mauch <jared@puck.Nether.net>
To: Paul MacKenzie <pc.mackenzie@utoronto.ca>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Quick question about arp error
Message-ID: <19990308180813.A26719@puck.nether.net>
Mail-Followup-To: Paul MacKenzie <pc.mackenzie@utoronto.ca>,
	freebsd-security@FreeBSD.ORG
References: <4.1.19990308175812.009d0310@mail.elehost.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.95.1i
In-Reply-To: <4.1.19990308175812.009d0310@mail.elehost.com>; from Paul MacKenzie on Mon, Mar 08, 1999 at 06:01:17PM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

	You probally are getting icmp redirects for this host to
point it to a router/gateway that is on the local
ethernet.

	You should drop all non-local icmp redirects at your borders.

	- jared

On Mon, Mar 08, 1999 at 06:01:17PM -0500, Paul MacKenzie wrote:
> Hello,
> 
> I have a question about ARP based security. With a packet firewall enabled
> and verbose settings, I get a million of the following messages
> 
> Mar  2 10:59:24 server /kernel: arplookup xx.xx.xx.xx failed: host is not
> on local network
> 
> I know that the host is not on the local network, that is not a problem
> because it isn't...
> 
> But, what I do not understand is why is this happening? Is this a security
> risk? What if anything can be done to fix it? What causes it?
> 
> Any help would be really appreciated!
> 
> Thanks...
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message