[Snort-users] Did SNORT Arp Spoofing (ps)
chris.ditze-stephan at ...17497...
Mon Apr 25 01:45:04 EDT 2016
In case of misunderstandings an additional information:
During the one week without Snort there was no recognized arp spoofing on the network switch.
We are able to assign the switch port disabling with a started Snort.
Means: Snort seems to generate or provide any other service to do send packages with wrong MAC addresses.
my root server provider switched off the switch interface because my server sent packages with wrong MAC address.
I stopped SNORT and he switched on again.
I started SNORT again and the switch put off again the interface.
I let SNORT down for a week and again: The switch react.
Does anyone have an idea what's happened?
More information about the Snort-users