On Sat, 24 Mar 2001, Tom Rauschenbach wrote:
> Ok, this is interesting. It looks like the Redhat machine is not more
> secure, just broken. I get the infamous "neighbor table overflow" message
> in the logs.
That means the ARP table is full. This can happen if your WAN side is a
shared network segment (e.g., cable, some DSL) with a lot of broadcast IP
traffic. It is also commonly seen if the system has been compromised and is
being used to portscan every other host on your local WAN subnet. So it could
be benign or indicate a compromise -- only further investigation will tell for
sure.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
