can someone tell me what this means when i ckecked on my pc sygate Personal firewall today it was flashing red with the following message

Unsolicited incoming ARP reply detected, this is a kind of MAC spoofing that may consequently do harm to your computer.

Packet data is shown in the right window.

0000: 00 50 FC A0 08 66 00 0A : 42 68 70 A8 08 06 00 01 | .P...f..Bhp.....
0010: 08 00 06 04 00 02 00 0A : 42 68 70 A8 51 67 F3 FE | ........Bhp.Qg..
0020: 00 50 FC A0 08 66 51 67 : F3 76 20 20 20 20 20 20 | .P...fQg.v
0030: 20 20 20 20 20 20 20 20 : 20 20 20 20 |

Uh..Just about the only thing I can tell you about that...is that its hex. A Hex editor will help? Correct me if I'm wrong.

AFAIK, you send out an ARP request to discover an IP address for a given MAC. If you get a reply but haven't asked, then I guess that would be dodgy.

can someone tell me what this means when i ckecked on my pc sygate Personal firewall today it was flashing red with the following message

Unsolicited incoming ARP reply detected, this is a kind of MAC spoofing that may consequently do harm to your computer.

Packet data is shown in the right window.

0000: 00 50 FC A0 08 66 00 0A : 42 68 70 A8 08 06 00 01 | .P...f..Bhp.....
0010: 08 00 06 04 00 02 00 0A : 42 68 70 A8 51 67 F3 FE | ........Bhp.Qg..
0020: 00 50 FC A0 08 66 51 67 : F3 76 20 20 20 20 20 20 | .P...fQg.v
0030: 20 20 20 20 20 20 20 20 : 20 20 20 20 |

Having decoded it - it basically means sygate lied to you. :erm:

That is a genuine ARP reply packet directed at your IP address telling you the MAC address for your local default gateway. :D

ok thanks for the info clearing it up

Having decoded it - it basically means sygate lied to you. :erm:

That is a genuine ARP reply packet directed at your IP address telling you the MAC address for your local default gateway. :D
A connection issue maybe? If the firewall is doing stateful inspection of packets and the reply occurred too long after the request? Just a guess...

A connection issue maybe? If the firewall is doing stateful inspection of packets and the reply occurred too long after the request? Just a guess...More likely the gateway was just too busy to reply in time. Either way, it wasn't an "Unsolicited incoming ARP reply" - just a slow reply. :D

More likely the gateway was just too busy to reply in time. Either way, it wasn't an "Unsolicited incoming ARP reply" - just a slow reply. :D
:D

One day programmers will take care to ensure that warning and error messages are accurate :erm: