In addition to the anti-spoofing tools described above, the anti-spoofing feature can also be configured to log, through SYSLOG and SNMP traps, duplicate IP addresses when they are bound to different MAC addresses. This situation is usually due to a misconfiguration in the network and is generally not indicative of an attack, but can be a worthwhile event to record, as administrative action may be needed to reconcile the condition. These duplicate IP addresses are only detected upon a user's binding change, and do not apply to duplicate IP addresses over ports for the same MAC address (for example, if a single user moves from one port to another).