Re: FreeBSD Security Advisory FreeBSD-SA-03:14.arp

From: Ruslan Ermilov (ru_at_freebsd.org)
Date: 09/24/03

  • Next message: Michael Sierchio: "Re: FreeBSD Security Advisory FreeBSD-SA-03:14.arp"
    Date: Wed, 24 Sep 2003 20:04:42 +0300
    To: Michael Sierchio <kudzu@tenebras.com>
    
    
    

    On Wed, Sep 24, 2003 at 09:32:51AM -0700, Michael Sierchio wrote:
    > Ruslan Ermilov wrote:
    >
    > >I still have not committed the code that supports static ARP
    > >on an interface -- there's currently no way to do static ARP
    > >only, if you disable ARP on an interface it will be disabled
    > >in its whole.
    >
    > It's clear to me that turning ARP off on wi0 on my machine
    > means no gratuitous arp will be xmitted, and no arp messages
    > will be responded to. It's also clear that the static arp
    > entries for the wireless LAN get entered into the table, and
    > that ARP continues to work on the wired section.
    >
    > Are you saying I'm hallucinating?
    >
    Right. But static ARP means something different. It means
    that the ARP table is frozen, but the system will still reply
    to ARP requests for its addresses, which is not done if
    the IFF_NOARP flag is set on an interface.

    Cheers,

    -- 
    Ruslan Ermilov		Sysadmin and DBA,
    ru@sunbay.com		Sunbay Software Ltd,
    ru@FreeBSD.org		FreeBSD committer
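
The distinction drawn in this message, as an added toy model in C that is not FreeBSD kernel code and not part of the thread: a dynamic table, a frozen (static) table, and an interface with ARP disabled each process the same two constructed packets. The mode names, struct layouts and addresses are assumptions made for illustration; the dynamic merge step follows the RFC 826 reception rule.

```c
/* Added illustration: toy model of the three behaviours, not FreeBSD kernel code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum arp_mode { ARP_DYNAMIC, ARP_STATIC, ARP_NOARP };   /* hypothetical names */
enum { ARP_REQUEST = 1, ARP_REPLY = 2, MAXENT = 4 };

struct arp_pkt { int op; uint32_t spa; uint8_t sha[6]; uint32_t tpa; };
struct arp_ent { uint32_t ip; uint8_t mac[6]; };
struct iface   { enum arp_mode mode; uint32_t addr; struct arp_ent tab[MAXENT]; int n; };

/* Handle one received ARP packet; returns 1 if the host would answer it. */
int arp_input(struct iface *ifp, const struct arp_pkt *p)
{
    int i;
    if (ifp->mode == ARP_NOARP)
        return 0;                     /* ARP disabled as a whole: no learning, no reply */
    if (ifp->mode == ARP_DYNAMIC) {   /* a frozen (static) table skips this merge step */
        for (i = 0; i < ifp->n && ifp->tab[i].ip != p->spa; i++) { }
        if (i == ifp->n && p->tpa == ifp->addr && ifp->n < MAXENT)
            ifp->tab[ifp->n++].ip = p->spa;       /* new entry for a peer talking to us */
        if (i < ifp->n)
            memcpy(ifp->tab[i].mac, p->sha, 6);   /* create or overwrite the mapping */
    }
    return p->op == ARP_REQUEST && p->tpa == ifp->addr;
}

/* Constructed scenario. Bit 0: a request for our address was answered.
 * Bit 1: the hand-entered gateway entry was replaced by a conflicting reply. */
int run_scenario(enum arp_mode mode)
{
    const uint8_t good[6] = {0x02, 0, 0, 0, 0, 0x01};
    struct iface ifp = { mode, 0x0a000002, {{0}}, 0 };              /* we are 10.0.0.2 */
    struct arp_pkt req = { ARP_REQUEST, 0x0a000003, {0x02, 0, 0, 0, 0, 0x03}, 0x0a000002 };
    struct arp_pkt rep = { ARP_REPLY,   0x0a000001, {0x02, 0, 0, 0, 0, 0x99}, 0x0a000002 };
    ifp.tab[0].ip = 0x0a000001;        /* entry for 10.0.0.1 entered by hand */
    memcpy(ifp.tab[0].mac, good, 6);
    ifp.n = 1;
    int answered = arp_input(&ifp, &req);
    arp_input(&ifp, &rep);             /* reply claims a different MAC for 10.0.0.1 */
    return answered | ((memcmp(ifp.tab[0].mac, good, 6) != 0) << 1);
}

int main(void)
{
    printf("dynamic=%d static=%d noarp=%d\n", run_scenario(ARP_DYNAMIC),
           run_scenario(ARP_STATIC), run_scenario(ARP_NOARP));
    return 0;
}
```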
    
    


