From owner-freebsd-security  Mon Jul  1 09:27:19 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id JAA07862
          for security-outgoing; Mon, 1 Jul 1996 09:27:19 -0700 (PDT)
Received: from post.io.org (post.io.org [198.133.36.6])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA07847
          for <freebsd-security@freebsd.org>; Mon, 1 Jul 1996 09:27:15 -0700 (PDT)
Received: from zap.io.org (taob@zap.io.org [198.133.36.81]) by post.io.org (8.7.5/8.7.3) with SMTP id MAA17735; Mon, 1 Jul 1996 12:27:01 -0400 (EDT)
Date: Mon, 1 Jul 1996 12:27:01 -0400 (EDT)
From: Brian Tao <taob@io.org>
To: Nate Williams <nate@mt.sri.com>
cc: FREEBSD-SECURITY-L <freebsd-security@freebsd.org>
Subject: Re: Possible to block ARP?
In-Reply-To: <199607011528.JAA09543@rocky.mt.sri.com>
Message-ID: <Pine.NEB.3.92.960701121723.16306B-100000@zap.io.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 1 Jul 1996, Nate Williams wrote:
>
> If you don't have access to those machines, then there's no easy way
> of 'selectively' responding to ARP requests depending on the
> originator.

    Hmmm, that would have been optimal, but your suggestion of
publishing a fake ARP entry should work well enough.  I'd only have to
worry about routers that can show their ARP cache, but not let you
override them.  Users don't (shouldn't) have admin access to those
boxes anyway...
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"