Strange Console Log??

Joined
Jun 20, 2011
Messages
19
Reaction score
0
Points
1
Your Mac's Specs
21.5" 2.5GHz i5 4Ghz RAM, Radeon 6750 512GDDR5
Just saw this in my console log. Any idea what this is?


8/17/11 7:54:40 PM com.apple.launchd.peruser.501[89] (com.apple.quicklook[229]) Exited: Killed
8/17/11 7:54:51 PM com.apple.launchd.peruser.501[89] (com.apple.AirPortBaseStationAgent[109]) Exited: Killed
8/17/11 7:55:13 PM configd[13] DHCP en0: defending IP 192.168.1.100 against d8:a2:5e:c6:9f:4f 1 (of 3)
8/17/11 7:55:13 PM configd[13] DHCP en0: defending IP 192.168.1.100 against d8:a2:5e:c6:9f:4f 2 (of 3)
8/17/11 7:55:13 PM configd[13] DHCP en0: defending IP 192.168.1.100 against d8:a2:5e:c6:9f:4f 3 (of 3)
8/17/11 7:55:13 PM configd[13] DHCP en0: 192.168.1.100 in use by d8:a2:5e:c6:9f:4f, DHCP Server 192.168.1.1
8/17/11 7:55:13 PM kernel en0 duplicate IP address 192.168.1.100 sent from address d8:a2:5e:c6:9f:4f
8/17/11 7:55:13 PM kernel en0 duplicate IP address 192.168.1.100 sent from address d8:a2:5e:c6:9f:4f
8/17/11 7:55:13 PM kernel en0 duplicate IP address 192.168.1.100 sent from address d8:a2:5e:c6:9f:4f
8/17/11 7:55:13 PM kernel en0 duplicate IP address 192.168.1.100 sent from address d8:a2:5e:c6:9f:4f
8/17/11 7:55:13 PM kernel en0 duplicate IP address 192.168.1.100 sent from address d8:a2:5e:c6:9f:4f
8/17/11 7:55:13 PM configd[13] network configuration changed.
8/17/11 7:55:27 PM configd[13] network configuration changed.
 
Joined
Feb 26, 2010
Messages
2,116
Reaction score
123
Points
63
Location
Rocky Mountain High, Colorado
Your Mac's Specs
1.8 GHz i7 MBA 11" OSX 10.8.2
You didn't say how you are hooking up to what network, wireless?

Anyway what that log is saying is that another device with the MAC address d8:a2:5e:c6:9f:4f is trying to acquire the same IP address that your computer has.

If it is wireless and you have MAC address filtering on - someone could be trying to spoof your MAC address to get onto your network. This is all conjecture of course until you give more detail. It could be as simple as the router you are connecting to has a limited amount of DHCP so you are running into contention.
 
OP
F
Joined
Jun 20, 2011
Messages
19
Reaction score
0
Points
1
Your Mac's Specs
21.5" 2.5GHz i5 4Ghz RAM, Radeon 6750 512GDDR5
My iMac is hardwired but I do use the same routers WiFi for other devices. 2 iPhones, iPod, Laptop and PS3. Sometimes 3 of these devices are on the net at once. Anyway, I got paranoid and changed my wireless security to WPA2 from the weaker WEP. I use an old black and blue Linksys WRT54G.

Also have 2 other PC's hardwired to the router as well as Vonage.
 
Joined
Feb 26, 2010
Messages
2,116
Reaction score
123
Points
63
Location
Rocky Mountain High, Colorado
Your Mac's Specs
1.8 GHz i7 MBA 11" OSX 10.8.2
It may not be nefarious - especially if you have a lot of devices attaching through dhcp. That being said - it is weird that it is your hardwired iMac that had to defend the dhcp lease. Usually it is because a computer leaves, the dhcp gets assigned to something else, then the computer comes back and tries to renew the lease.

First - WEP does nothing for security so it is good you changed to WPA2 - you still need a strong password (long, mix of characters) as there are brute force methods to try to break WPA2.

Lastly - you could go through your known devices and see if you can find d8:a2:5e:c6:9f:4f - I actually have MAC address filtering on for this reason. Then I have a list of all devices that I know I allow on my network. MAC address filtering doesn't really do anything for security by itself because it is easy to spoof a Mac address, but if someone tries to hop on then I have an easy to see list, right on my router, to compare against the log files. Then it also becomes obvious someone is spoofing as you will see a log similar to what you saw - where the router will be trying to assign the same dhcp address to 2 of the same MAC addresses.
 
OP
F
Joined
Jun 20, 2011
Messages
19
Reaction score
0
Points
1
Your Mac's Specs
21.5" 2.5GHz i5 4Ghz RAM, Radeon 6750 512GDDR5
So would you say, in your opinion, that someone was indeed trying to access my network remotely due to WEP I was previously using?
 
OP
F
Joined
Jun 20, 2011
Messages
19
Reaction score
0
Points
1
Your Mac's Specs
21.5" 2.5GHz i5 4Ghz RAM, Radeon 6750 512GDDR5
It looks like it was trying to defend against my wife's iPhone since that wasd8:a2:5e:c6:9f:4f. So I suppose that's good since it wasn't a "hacker"?
 
Joined
Feb 26, 2010
Messages
2,116
Reaction score
123
Points
63
Location
Rocky Mountain High, Colorado
Your Mac's Specs
1.8 GHz i7 MBA 11" OSX 10.8.2
Yes - that is what I found, if there is a power outage, or a brown out even, stuff can reset and everything requests an ip address at the same time, you could see that kind of contention. It's good that you found the MAC address that was causing the problem.

I actually have a netgear router that uses dhcp - but allows me to always assign a certain ipaddress to a MAC address so it doesn't happen very often to me anymore.
 
OP
F
Joined
Jun 20, 2011
Messages
19
Reaction score
0
Points
1
Your Mac's Specs
21.5" 2.5GHz i5 4Ghz RAM, Radeon 6750 512GDDR5
Thanks for your assistance in this matter, Ivan.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top