A few things could cause this (assuming Norton's bloatware isn't just flaking out) like you are connecting to a different wireless network, or through another computer via Internet Connection Sharing (ICS) and the gateway machine on the LAN has changed, someone is deliberately spoofing the MAC, or the ICS gateway has undergone a NIC upgrade / change.
If you are running wifi without turning on the WEP/ WPA/ WPA2, and changing the default login for the access point you are asking for trouble. it is best to restrict router access to a small range of internal IP's (ie 192.168.1.2-192.168.1.5) and disallow remote management . Or if your router/ gateway supports it mapping static ip addresses for each known MAC, only allowing router access from one specific internal IP, and disabling DHCP requests and the SSID broadcast entirely.
If I received a message or noticed the gateway MAC had changed, I would certainly look into it immediately. It is also possible , if you have two or more machines in the LAN that are DHCP enabled, that the same IP address has been assigned to different computers....Thus Norton is trying to sort why its reading two different MAC addresses for 192.168.1.1
Depending upon your level of networking experience, you may want to run a packet capture in promiscuous mode to analyze the traffic, collision rate, etc.
If you can't get it sorted, download Wireshark %26 WinPcap;
http://www.wireshark.org/
Run a capture for a bit in PROMISCUOUS mode, and email me the log, and I'll look it over for you.
%26lt;/EOL%26gt;
No comments:
Post a Comment