We have recently started deploying ESET Endpoint Security 6.4.2014.0 in a corporate setting of around 500 machines. For many of our laptop clients, we are now receiving the following alerts:
Duplicate IP addresses detected in network
Detected ICMP Flooding attack
However, I am certain that there are not any duplicate ip addresses. If the problem were this widespread, we would have found it by now. I have been here for over 5 years.
Could this have something to do with users who do not disable the WIFI when hard wired? Possible, but we are also seeing this for remote VPN clients as well. For what it's worth, we have a high-end SonicWALL firewall.