Date: Fri, 24 Mar 2006 14:17:10 +0300 From: Eygene Ryabinkin <rea-fbsd@rea.mbslab.kiae.ru> To: Jon Otterholm <jon.otterholm@ide.resurscentrum.se> Subject: Re: How do you keep users from stealing other user's ip?? Message-ID: <20060324111710.GB10570@rea.mbslab.kiae.ru> Resent-Message-ID: <20060324111815.GC10570@rea.mbslab.kiae.ru> In-Reply-To: <4423D210.2010002@ide.resurscentrum.se> References: <20060324060140.86793.qmail@web51615.mail.yahoo.com> <4423BE70.2010807@wm-access.no> <4423CBD5.2040208@ide.resurscentrum.se> <20060324104859.GA10570@rea.mbslab.kiae.ru> <4423D210.2010002@ide.resurscentrum.se>
next in thread | previous in thread | raw e-mail | index | archive | help
> But you wont get any traffic if the FDB on the switch is locked down. > > Example: > MAC Address Port Type > ---------------------- ------ ---------------- > 00-04-75-71-AE-22 11 Dynamic > > > If you lock down so that only MAC 00-04-75-71-AE-22 could be associated with > port 11 and any other MAC showing up on that port is ignored - the computer on > that port could change his MAC and the switch simply wont transfer any packets > destined for the spoofed MAC to that port. Uhm, sorry, missed the point that if we trust cable from PC to port then port security helps. Thanks for clarifying this! -- Eygene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060324111710.GB10570>