Re: MAC Bindings
From: Richard Arends (richard@unixguru.nl)Date: 08/23/01
- Previous message: Hugo van der Kooij: "Re: MAC Bindings"
- In reply to: m.s.: "MAC Bindings"
- Next in thread: Seth Arnold: "Re: MAC Bindings"
- Next in thread: bugtraq@vomit.seifried.org: "Re: MAC Bindings"
- Reply: Seth Arnold: "Re: MAC Bindings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Aug 2001 12:17:06 +0200 (CEST) From: Richard Arends <richard@unixguru.nl> To: "m.s." <ms@shanock.com> Subject: Re: MAC Bindings Message-ID: <Pine.BSO.4.33.0108231211310.10848-100000@mail.unixguru.nl>
On Wed, 22 Aug 2001, m.s. wrote:
> I'm faced with the problem of configuring a Linux router to prevent hosts
> on the network from spoofing ARP requests to prevent ARP-based MiM
> attacks on the network. I haven't been able to find any documentations on
> this matter, and thought asking here would be appropriate. The machine is
> running Linux 2.2.19.
You can disable arp on youre NIC with ifconfig (-arp or noarp). Then you
have to build a static arp-table for that NIC where al the hosts in your
are listed in with arp -s.
For a small network this shouldn't be a problem. For a large network this
is a lot of work, but there you can use a database with all the mac's
listed in. Then build a program (script) that query's the database and
builds the arp table.
Greetings,
Richard.
- Previous message: Hugo van der Kooij: "Re: MAC Bindings"
- In reply to: m.s.: "MAC Bindings"
- Next in thread: Seth Arnold: "Re: MAC Bindings"
- Next in thread: bugtraq@vomit.seifried.org: "Re: MAC Bindings"
- Reply: Seth Arnold: "Re: MAC Bindings"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
