Date: 24 Jan 2004 10:20:13 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Alexey Kuzmenko <ask@un.kiev.ua> Cc: freebsd-questions@freebsd.org Subject: Re: ARP poisonong. LIVE_MAC Message-ID: <4465f1fk5u.fsf@be-well.ilk.org> In-Reply-To: <137240266074.20040123122339@un.kiev.ua> References: <137240266074.20040123122339@un.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexey Kuzmenko <ask@un.kiev.ua> writes: > There is a kernel module under Linux which is called LIVE-MAC. This > module provide a sort of arp spoofing attack. It broadcasts arp > replies for restricted host causing these hosts (basically windows) not > to work in the LAN. What an incredibly ugly idea. > I'm wandering if there is something like above but for FreeBSD. I need > to disallow any host network activity from the server (FreeBSD 4.8) Surely there's a better way to implement what you're actually trying to do; like firewalling the server you don't want accessed. Even if you were going to try to do this by attacking ARP, I wouldn't mess with the real IP stack to do it. Couldn't you could get the same effect by using RARP or proxy ARP? -- Lowell Gilbert, embedded/networking software engineer, Boston area: resume/CV at http://be-well.ilk.org:8088/~lowell/resume/ username/password "public"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4465f1fk5u.fsf>