Analyzing traffic (ping requests I didnt do etc)

Watched some traffic this morning .  I saw a few ping requests, that I didnt iniate, from the pc downstairs. No one was home but me.

192.168.1.8 (host) first did an ARP request to locate my router (192.168.1.40).
It then got the MAC and sent a ping request
192.168.1.40 replied


A few minutes later, another pc in my network sent a ping request to the same router (192.168.1.40)

What is up with this?

2. 192.168.2.2 is doing SNMP broadcasts. It's a wireless access point. Is this normal? I'm assuming it's broadcasting information so an SNMP server can pick it up? (even though I do not have an SNMP server)

3. Seeing my DHCP server doing some broadcasts.  (DHCP inform, DHCP acks).  What is this?
Thanks
dissolvedAsked:
Who is Participating?
 
lrmooreCommented:
Sounds like a Microsoft PC performing dead gateway detection to make sure the default gateway is still alive. Normal behavior

2. Yes, unless you specifically configure the AP with the proper community strings and take out the default broadcast address for snmp traps, you will see this kind of traffic.

3. Exactly what you think they are. Informs and acks. The DHCP server maintains contact with client every once in a while and vice versa. The timing depends on the length of the lease. If 1/2 of the lease period is expired, then several conversations begin between the client and server. "can I renew my lease early?" "sure, why not" "do you have any changes for me?" "nope, use what I gave you last time"... etc..
0
 
HackLifeCommented:
lrmoore, well said.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.