Re: Pertaining to the "Any reasons to filter ARP packets?"



"Moe Trin" typed:
Ayaz Ahmed Khan wrote:
But, we still prefer to ask for permission to publish the posts
verbatim or with some alterations.

Publishing verbatim is no problem - any alterations would
technically violate that copyright.

Thank you. We will publish your post *as is*.

Mine was only one article, and things sort of wandered away from
that set of points I was making. What seems to have been missed was
the last paragraph:

] Hardware addresses (and IP itself) are only as secure as your control of
] access to the network, though encryption helps quite a bit. If you are
] concerned about attack mechanisms using ARP or hardware addresses, you
] need to be looking at other problems as well.

You can use static ARP tables (and disable ARP on the media itself),
but this offers no protection from someone using '/sbin/ifconfig -hw
ether 08:00:de:ad:be:ef' to change the MAC address their interface
is using. In an intelligently configured switched network, the switch
_MAY_ be configured to only permit "a" specific MAC address on any
specific port, and of course the system that is being spoofed _MAY_
detect some other host sending packets with its MAC address and
complain, but the story boils down to control of access to the
network. Poker is a popular card game played with an ordinary deck
of cards - but when dealing with computer security please remember
that "Physical Access Beats Five Aces". Think about that.

No doubt.

We would appreciate it if you guys can get in touch with Mikhail or
me. The addresses on the website and the one in the Reply-To field of
the header of this post are valid and functioning.

Quite obviously my posting name (and email address) is not real. I'm
under a Non-Disclosure Agreement with my employer (even though I am
not posting through their news server). I work at a research
facility, and The Powers That Be get all grumpy when anything is
mentioned - we might be giving hints of what "The New Product" is
going to be/do/look like. Personally, I have no qualms about my post
being included as is - Google obviously does so (with the
not-unreasonable munging of usernames), and the few times I have
used the "X-No-Archive:" header was to prevent caching URLs that I
had included (abuse mitigation).

That's OK. Thanks for replying. Your posts will be published under
your pseudonym.

--
Ayaz Ahmed Khan

Then, gently touching my face, she hesitated for a moment as her
incredible eyes poured forth into mine love, joy, pain, tragedy,
acceptance, and peace. "'Bye for now," she said warmly.
-- Thea Alexander, "2150 A.D."
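
Added example, not part of the original posts: a small Python audit of the two checks mentioned in the thread, one permitted MAC per switch port and a MAC showing up on a second port. The function names, the (time, port, MAC) record format and the sample addresses are assumptions constructed for illustration; they do not come from any real switch or tool.

```python
# Constructed sample observations: (time, switch_port, source_mac),
# as a switch or sniffer might record them. Not real data.
SAMPLE = [
    (1, "port1", "02:00:00:00:00:01"),
    (2, "port2", "02:00:00:00:00:02"),
    (3, "port1", "02:00:00:00:00:01"),
    (4, "port7", "02:00:00:00:00:01"),  # port1's MAC seen on another port
    (5, "port2", "02:00:00:00:00:02"),
    (6, "port2", "02:00:00:00:00:09"),  # second MAC on a bound port
    (7, "port3", "02:00:00:00:00:0A"),  # new port, learned (case-insensitive)
]


def normalize(mac):
    """Canonical form so 02-00-..-0A and 02:00:..:0a compare equal."""
    return mac.strip().lower().replace("-", ":")


def audit(observations, static_bindings=None):
    """Return alerts for frames that break a one-MAC-per-port policy.

    static_bindings: optional {port: mac} configured in advance. Ports
    without a binding learn the first MAC they see (hypothetical "sticky"
    behaviour, modelled here for the example).
    """
    port_to_mac = {p: normalize(m) for p, m in (static_bindings or {}).items()}
    mac_to_port = {m: p for p, m in port_to_mac.items()}
    alerts = []
    for ts, port, mac in sorted(observations):
        mac = normalize(mac)
        bound = port_to_mac.get(port)
        home = mac_to_port.get(mac)
        if home is not None and home != port:
            # The MAC already belongs to another port: possible spoofing.
            alerts.append((ts, "mac-on-second-port", port, mac))
        elif bound is None:
            port_to_mac[port] = mac  # first MAC on this port: learn it
            mac_to_port[mac] = port
        elif bound != mac:
            alerts.append((ts, "unexpected-mac-on-port", port, mac))
    return alerts


if __name__ == "__main__":
    for alert in audit(SAMPLE):
        print(alert)
```

A device that presents the bound MAC on the bound port itself produces no alert, which is the post's point about control of access to the network.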