Date: Mon, 19 Apr 1999 14:54:56 -0600 From: Warner Losh <imp@harmony.village.org> To: Rajit Manohar <rajit@csl.cornell.edu> Cc: security@FreeBSD.ORG Subject: Re: poink and freebsd Message-ID: <199904192054.OAA27522@harmony.village.org> In-Reply-To: Your message of "Mon, 19 Apr 1999 14:54:18 EDT." <199904191854.OAA02778@mozart.csl.cornell.edu> References: <199904191854.OAA02778@mozart.csl.cornell.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199904191854.OAA02778@mozart.csl.cornell.edu> Rajit Manohar writes: : about a minute, everything returned to normal (AFAIK). I'd guess that : a repeated-poink, or a poink of an nfs server would be a more serious : problem. Sounds like your typical "Let's claim to be someone else and confuse everybody" DOS that has been well know since at least the late 80's, if not before. arp has no authentication in it, so short of hard wiring the arp cache on all your machines, I don't think there is much that can be done about this. Even detecting that it is going on and keeping the right address is going to be hard in the face of a more demented attack from cards that allow one to set one's own NIC address. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199904192054.OAA27522>