Date:      Mon, 1 Jul 1996 09:28:42 -0600 (MDT)
From:      Nate Williams <nate@mt.sri.com>
To:        Brian Tao <taob@io.org>
Cc:        FREEBSD-SECURITY-L <freebsd-security@freebsd.org>
Subject:   Re: Possible to block ARP?
Message-ID:  <199607011528.JAA09543@rocky.mt.sri.com>
In-Reply-To: <Pine.NEB.3.92.960701105220.16306A-100000@zap.io.org>
References:  <Pine.NEB.3.92.960701105220.16306A-100000@zap.io.org>

>     I'm trying to make my firewall totally invisible to certain
> machines on my network.  The only thing I can't seem to get rid of is
> its entry in the ARP tables when someone tries to ping its IP
> address.  Is this possible?

Do you have access to the machine in question?  If so, you can 'add' a
permanent fake-ARP entry on that box, which would be easier than trying
to add a kernel hack to avoid having its ARP entry published.

Find an ethernet address of a machine that doesn't exist on your network
(feel free to use this one '00:00:c0:50:b9:0a') and tell the machines
you don't want to have access to your firewall that this is the entry
for that machine.

i.e.:

# arp -s firewall.brian.tao 00:00:c0:50:b9:0a pub
# ping firewall.brian.tao
[ Nothing ]

If you don't have access to those machines, then there's no easy way of
'selectively' responding to ARP requests depending on the originator.



Nate
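Whichever way a static entry is added, the resulting ARP table is worth auditing on the hosts involved: a permanent entry is exactly the kind of override Nate describes, a published one makes the host answer ARP requests for that address on behalf of the whole segment, and one MAC shared by several IPs is what a placeholder address like the one above looks like. The following script is an added example, not code from this thread or from FreeBSD; it assumes the line format of FreeBSD's `arp -an` output, and the sample table it parses is constructed for the example (the 192.0.2.0/24 addresses and the 00:a0:c9:11:22:33 MAC are made up).

```python
import re
from collections import defaultdict

# One line of FreeBSD "arp -an" output, for example:
#   ? (192.0.2.1) at 00:00:c0:50:b9:0a on fxp0 permanent [ethernet]
# The "flags" group collects whatever sits between the interface name
# and the trailing "[ethernet]": "permanent", "published", "expires in
# N seconds", "expired", or nothing.
ARP_LINE = re.compile(
    r"^\S+ \((?P<ip>[\d.]+)\) at "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}|\(incomplete\))"
    r" on (?P<iface>\S+)(?P<flags>.*?)\s*\[ethernet\]\s*$",
    re.IGNORECASE,
)

# Constructed sample table (not captured from a real host).
SAMPLE_ARP_OUTPUT = """\
? (192.0.2.1) at 00:00:c0:50:b9:0a on fxp0 permanent [ethernet]
? (192.0.2.7) at 00:a0:c9:11:22:33 on fxp0 expires in 1195 seconds [ethernet]
? (192.0.2.9) at 00:00:c0:50:b9:0a on fxp0 permanent published [ethernet]
? (192.0.2.20) at (incomplete) on fxp0 expired [ethernet]
"""


def parse_arp_table(text):
    """Parse arp -an output into a list of entry dicts; unknown lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ARP_LINE.match(line.strip())
        if not m:
            continue
        flags = m.group("flags")
        entries.append({
            "ip": m.group("ip"),
            "mac": m.group("mac").lower(),
            "iface": m.group("iface"),
            "permanent": "permanent" in flags,   # static override (arp -s)
            "published": "published" in flags,   # host answers ARP for this IP (pub)
        })
    return entries


def audit_arp_table(entries):
    """Return (kind, subject, detail) findings for entries an admin should know about."""
    findings = []
    by_mac = defaultdict(list)
    for e in entries:
        if e["mac"] != "(incomplete)":
            by_mac[e["mac"]].append(e["ip"])
        if e["permanent"]:
            findings.append(("STATIC", e["ip"], e["mac"]))
        if e["published"]:
            findings.append(("PUBLISHED", e["ip"], e["iface"]))
    # Several IPs resolving to one MAC: a placeholder address used for
    # more than one host, or a host proxying for others.
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("SHARED_MAC", mac, sorted(ips)))
    return findings


def audit_sample():
    """Run the audit over the constructed sample table."""
    return audit_arp_table(parse_arp_table(SAMPLE_ARP_OUTPUT))


if __name__ == "__main__":
    for kind, subject, detail in audit_sample():
        print(f"{kind:10} {subject:20} {detail}")
```

On a live system, feed the script the output of `arp -an` instead of the sample string; entries flagged STATIC that nobody configured deliberately, or a PUBLISHED entry on a host that is not meant to act as an ARP proxy, are the cases to look into.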


