Исходное сообщение
"левые айпи в arp" Отправлено romeo, 11-Авг-09 00:18
>arp запросы генерирует сам сервер. Смотреть надо кто обращается к этим нежелательным >IP. (IP источника пославшего пакет). вот то что выловил через ethereal: 10.0.0.1 - айпи сервера 10.0.1.21 - айпи клиента все остальные айпи левые получается что все запросы в 3х пакетах были от одного и того же клиента? 10.0.1.21 ? если я правильно понял вывод... осталось только выяснить что стоит у клиента и лупит столько запросов No.     Time        Source                Destination           Protocol Info    4562 4.414954    10.0.1.21             10.44.64.211          TCP      ssslic-mgr > 59574 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 Frame 4562 (62 bytes on wire, 62 bytes captured)     Arrival Time: Aug 10, 2009 23:08:07.916380000     [Time delta from previous captured frame: 0.001161000 seconds]     [Time delta from previous displayed frame: 0.011635000 seconds]     [Time since reference or first frame: 4.414954000 seconds]     Frame Number: 4562     Frame Length: 62 bytes     Capture Length: 62 bytes     [Frame is marked: False]     [Protocols in frame: eth:ip:tcp] Ethernet II, Src: Foxconn_e6:81:78 (00:01:6c:e6:81:78), Dst: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)     Destination: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         Address: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         .... ...0 .... .... .... .... = IG bit: Individual address (unicast)         .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)     Source: Foxconn_e6:81:78 (00:01:6c:e6:81:78)         Address: Foxconn_e6:81:78 (00:01:6c:e6:81:78)         .... ...0 .... .... .... .... = IG bit: Individual address (unicast)         .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)     Type: IP (0x0800) Internet Protocol, Src: 10.0.1.21 (10.0.1.21), Dst: 10.44.64.211 (10.44.64.211) Transmission Control Protocol, Src Port: ssslic-mgr (1203), Dst Port: 59574 (59574), Seq: 0, Len: 0 No.     Time        Source                Destination           Protocol Info    4563 4.415064    EdimaxTe_b9:b1:32     Broadcast             ARP      Who has 10.44.64.211?  Tell 10.0.0.1 Frame 4563 (42 bytes on wire, 42 bytes captured)     Arrival Time: Aug 10, 2009 23:08:07.916490000     [Time delta from previous captured frame: 0.000110000 seconds]     [Time delta from previous displayed frame: 0.011745000 seconds]     [Time since reference or first frame: 4.415064000 seconds]     Frame Number: 4563     Frame Length: 42 bytes     Capture Length: 42 bytes     [Frame is marked: False]     [Protocols in frame: eth:arp]     [Coloring Rule Name: ARP]     [Coloring Rule String: arp] Ethernet II, Src: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32), Dst: Broadcast (ff:ff:ff:ff:ff:ff)     Destination: Broadcast (ff:ff:ff:ff:ff:ff)         Address: Broadcast (ff:ff:ff:ff:ff:ff)         .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)         .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)     Source: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         Address: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         .... ...0 .... .... .... .... = IG bit: Individual address (unicast)         .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)     Type: ARP (0x0806) Address Resolution Protocol (request)     Hardware type: Ethernet (0x0001)     Protocol type: IP (0x0800)     Hardware size: 6     Protocol size: 4     Opcode: request (0x0001)     Sender MAC address: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)     Sender IP address: 10.0.0.1 (10.0.0.1)     Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)     Target IP address: 10.44.64.211 (10.44.64.211) No.     Time        Source                Destination           Protocol Info    4564 4.415104    10.0.1.21             10.41.3.227           TCP      ssslog-mgr > 59039 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 Frame 4564 (62 bytes on wire, 62 bytes captured)     Arrival Time: Aug 10, 2009 23:08:07.916530000     [Time delta from previous captured frame: 0.000040000 seconds]     [Time delta from previous displayed frame: 0.000040000 seconds]     [Time since reference or first frame: 4.415104000 seconds]     Frame Number: 4564     Frame Length: 62 bytes     Capture Length: 62 bytes     [Frame is marked: False]     [Protocols in frame: eth:ip:tcp] Ethernet II, Src: Foxconn_e6:81:78 (00:01:6c:e6:81:78), Dst: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)     Destination: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         Address: EdimaxTe_b9:b1:32 (00:0e:2e:b9:b1:32)         .... ...0 .... .... .... .... = IG bit: Individual address (unicast)         .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)     Source: Foxconn_e6:81:78 (00:01:6c:e6:81:78)         Address: Foxconn_e6:81:78 (00:01:6c:e6:81:78)         .... ...0 .... .... .... .... = IG bit: Individual address (unicast)         .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)     Type: IP (0x0800) Internet Protocol, Src: 10.0.1.21 (10.0.1.21), Dst: 10.41.3.227 (10.41.3.227) Transmission Control Protocol, Src Port: ssslog-mgr (1204), Dst Port: 59039 (59039), Seq: 0, Len: 0