Date: Tue, 15 Oct 2002 14:05:47 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: William Wallace <ww@austin.rr.com> Cc: FreeBSD Security <freebsd-security@FreeBSD.ORG> Subject: RE: Kernel log message Message-ID: <Pine.BSF.3.96.1021015135711.5096A-100000@gaia.nimnet.asn.au> In-Reply-To: <ODEMJJBMDNGMFJHKBCMFCEJHEAAA.ww@austin.rr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 14 Oct 2002, William Wallace wrote: > Thanks to all who replied. Just as an additional interesting piece of > information: Because the machine in question was in a state that made it > easy to simply wipe it out and re-install everything from scratch, I decided > to do just that. Upon reinstalling the OS and rebooting, I got a kernel log > message in my FreeBSD server that indicated the "opposite" MAC address > change. It changed from "00:00:78:0d:5a:7f" back to "00:20:78:0d:5a:7f", That's still a one-bit error. In my humble experience, one-bit errors are almost invariably hardware. If so, then I guess this is off-topic. > which is what it was originally. I'm suspicious now of some kind of > malicious software or something, but it's going to be hard to determine what > exactly made that happen. Did you try cleaning the NIC in question, and the computer it lives in? [..] > >The machine in question (192.168.100.2) is a Windows 2000 machine that has > >had the same NIC for years. Also, only one of the digits in the MAC > >address seems to have changed. What could cause this? > > > > 1) The NIC card could be dieing. "same NIC for years" > 2) Transmission error of some sort on you LAN > 3) Problem w/ a packet switch. Still smells like hardware to me too; fluff and dust can engender such. Cheers, Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1021015135711.5096A-100000>