From owner-freebsd-security  Tue Apr 20  7:57:56 1999
Delivered-To: freebsd-security@freebsd.org
Received: from trooper.velocet.ca (trooper.velocet.net [209.167.225.226])
	by hub.freebsd.org (Postfix) with ESMTP id E551014E59
	for <security@FreeBSD.ORG>; Tue, 20 Apr 1999 07:57:53 -0700 (PDT)
	(envelope-from dgilbert@trooper.velocet.ca)
Received: (from dgilbert@localhost)
	by trooper.velocet.ca (8.8.7/8.8.7) id KAA28930;
	Tue, 20 Apr 1999 10:55:23 -0400 (EDT)
From: David Gilbert <dgilbert@velocet.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14108.38235.254919.924353@trooper.velocet.ca>
Date: Tue, 20 Apr 1999 10:55:23 -0400 (EDT)
To: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu>
Cc: "Frederick J Polsky v1.0" <fred@fredbox.com>,
	security@FreeBSD.ORG
Subject: Re: poink attack (was Re: ARP problem in Windows9X/NT)
In-Reply-To: <Pine.LNX.3.96L.990419222013.8966A-100000@unix48.andrew.cmu.edu>
References: <Pine.BSF.4.05.9904191804230.13349-100000@bogomatic.fredbox.com>
	<Pine.LNX.3.96L.990419222013.8966A-100000@unix48.andrew.cmu.edu>
X-Mailer: VM 6.71 under 20.4 "Emerald" XEmacs  Lucid
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>>>>> "Harry" == Harry M Leitzell <Harry_M_Leitzell@cmu.edu> writes:

Harry> 	It also hits college campuses, which are a haven for
Harry> misconfigured Linux machines that provide easy quick root
Harry> access on the Local network.  Not to say that CMU has this
Harry> problem or anything like that.

Not this discussion 'should' be about what 'should' be, but wouldn't
it make sense to have the DHCP server be the 'athority' by which
hardware addresses are resolved?  I suppose there's little security
built into that protocol, too.  We recently went to implement it for a 
customer and were somewhat taken aback by what could happen if someone 
managed to just 'connect' a laptop to the network who wasn't supposed
to.

Dave.

-- 
============================================================================
|David Gilbert, Velocet Communications.       | Two things can only be     |
|Mail:       dgilbert@velocet.net             |  equal if and only if they |
|http://www.velocet.net/~dgilbert             |   are precisely opposite.  |
=========================================================GLO================


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message