
Re: [Full-Disclosure] Strange ldap Behavior.



On Tue, 18 May 2004 18:54:36 +0200, "Soderland, Craig" 
<craig.soderland@xxxxxxx>  said:

> Understood, but why would this system be trying to make a connection there? It
> has no reason to be connecting and we just noticed it which raised a few
> questions. 

You're missing the point - if another machine on the subnet wants to talk to my
laptop, it sends to MAC address 00:06:5B:EB:39:7D (the docking station
interface) or to 00:02:2D:5C:11:48 (the wireless card).  The fact that 00:06:5B
is a Dell prefix doesn't mean that people are connecting to dell.com - they're
connecting to hardware MADE BY Dell.  Similarly, just because 00:02:2D belongs
to Agere Systems doesn't mean the connection is to the Netherlands, it's to
hardware made by a company that's in the Netherlands.

00:00:5E is registered to IANA - so I can make 2 conclusions:

1) You need to look to see where snoop found "DoD", because it's apparently
confused.
2) Somebody on your net has an odd MAC address (since IANA doesn't
make hardware...).

We'd really need to see more of the surrounding traffic in order to figure out
what's going on.

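An added example, not part of the original message: a small triage helper showing what the first three octets of a MAC address do and do not tell you. The registrant table holds only the three prefixes named in the message; the VRRP check goes beyond the message and relies on the IANA-assigned range 00:00:5E:00:01:xx (IPv4) and 00:00:5E:00:02:xx (IPv6) from the VRRP RFCs, and the last two sample addresses are constructed.

```python
import re

# OUI registrants named in the message above; nothing else is assumed.
PAGE_OUIS = {
    "00:06:5B": "Dell",
    "00:02:2D": "Agere Systems",
    "00:00:5E": "IANA",
}
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-][0-9A-Fa-f]{2}){5}$")


def classify_mac(mac):
    """Describe a MAC: block registrant, flag bits, and any protocol use."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    octets = [int(part, 16) for part in re.split(r"[:-]", mac)]
    oui = ":".join(f"{o:02X}" for o in octets[:3])
    info = {
        "oui": oui,
        # The registrant owns the address block; it is not a destination.
        "registrant": PAGE_OUIS.get(oui, "unknown (not in this table)"),
        "multicast": bool(octets[0] & 0x01),             # I/G bit
        "locally_administered": bool(octets[0] & 0x02),  # U/L bit
        "note": "",
    }
    if oui == "00:00:5E" and octets[3] == 0x00 and octets[4] in (0x01, 0x02):
        family = "IPv4" if octets[4] == 0x01 else "IPv6"
        info["note"] = f"VRRP virtual router MAC ({family}), VRID {octets[5]}"
    elif oui == "00:00:5E":
        info["note"] = "IANA block: protocol-assigned, not a vendor NIC"
    elif info["locally_administered"]:
        info["note"] = "locally administered: OUI lookup is meaningless"
    return info


if __name__ == "__main__":
    samples = [
        "00:06:5B:EB:39:7D",  # from the message (docking station)
        "00:02:2D:5C:11:48",  # from the message (wireless card)
        "00:00:5E:00:01:0A",  # constructed sample in the IANA block
        "02:00:00:00:00:01",  # constructed locally administered address
    ]
    for mac in samples:
        print(mac, classify_mac(mac))
```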