Re: How to hard wire arp tables? (Newbie)

From: hvdkooij@vanderkooij.org
Date: 11/15/01


Date: Thu, 15 Nov 2001 00:50:38 +0100 (CET)
From: <hvdkooij@vanderkooij.org>
To: Focus on Linux Mailing List <focus-linux@securityfocus.com>
Subject: Re: How to hard wire arp tables? (Newbie)
Message-ID: <Pine.LNX.4.33.0111150048260.13818-100000@ultra1.hugo.vanderkooij.org>

On Wed, 14 Nov 2001, brad's @ Home wrote:

> I want to hardwire my arp tables on a lan to protect against man in the
> middle attacks. I am using Redhat 7.1 and my install didn't include the file
> /etc/ethers. I created the file putting "mac address" (space) "ip address"
> as the man page directed. However, a book I have called for the opposite
> "ip address" (space) "mac address". I then add the line "apr -f
> /etc/ethers" to the end of my rc.local file. Next I ran the ./rc.local to
> reload the script.

/etc/ethers is for RARP only. If you want to use MAC level limitations
checkout tools like arpwatch.

RARP is for adding an IP adres to a box that has no local configuration
and was old enough to predate the bootp/dhcp period of our current day.
(My JavaStation is such a fine example ;-)

Hugo.

-- 
All email send to me is bound to the rules described on my homepage.
    hvdkooij@vanderkooij.org		http://hvdkooij.xs4all.nl/
	    Don't meddle in the affairs of sysadmins,
	    for they are subtle and quick to anger.