From owner-freebsd-security  Thu Nov 15 14:16:40 2001
Delivered-To: freebsd-security@freebsd.org
Received: from 4ka.mipt.ru (4ka.mipt.ru [194.85.80.95])
	by hub.freebsd.org (Postfix) with ESMTP id 1231C37B416
	for <security@FreeBSD.org>; Thu, 15 Nov 2001 14:16:34 -0800 (PST)
Received: from deegreez (deegrez.4ka.mipt.ru [194.85.80.111])
	by 4ka.mipt.ru (8.11.6/8.11.6) with ESMTP id fAFMIFe15986
	for <security@FreeBSD.org>; Fri, 16 Nov 2001 01:18:15 +0300 (MSK)
	(envelope-from degreez_@4ka.mipt.ru)
Date: Thu, 16 Nov 2000 01:17:42 +0300
From: "deegreez [4ka]" <degreez_@4ka.mipt.ru>
X-Mailer: The Bat! (v1.49)
Reply-To: "deegreez [4ka]" <degreez_@4ka.mipt.ru>
X-Priority: 3 (Normal)
Message-ID: <723061181.20001116011742@4ka.mipt.ru>
To: security@FreeBSD.org
Subject: Re: unusual  log in var/log/messages
In-reply-To: <3BF4369A.3030503@gmx.de>
References: <bulk.9491.20011114170248@hub.freebsd.org> <3BF4369A.3030503@gmx.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hello Sven,

Friday, November 16, 2001, 12:41:46 AM, you wrote smth like:

SW> Hi,

SW> I recently discovered this entry in my messages-logfile

SW> " Nov 14 15:10:44 leo2 /kernel: arp: 137.226.141.33 moved from 
SW> 00:40:33:39:80:d1 to 00:50:bf:7e:6e:70 on de0"

SW> is this a kind of attack or what?

SW> Cu

SW>         Sven Wittig

      i dont think its kind of attack..but it can be a kind of
      man-in-the-middle sniffing realisations..
      use arpwatch for more details about MAC/IP configuration of
      hosts



-- 
Best regards,
 deegreez                            mailto:degreez_@4ka.mipt.ru

and let da connect b with U!



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message