Date: Fri, 20 Apr 2001 13:55:51 -0400
From: "Joseph Gleason" <clash@tasam.com>
To: "Pär Thoren" <t98pth@student.bth.se>, <freebsd-security@FreeBSD.ORG>
Subject: Re: static arp values
Message-ID: <007b01c0c9c3$238fb480$dc02010a@battleship>
References: <Pine.GSO.4.21.0104201903300.26618-100000@helios>
When you do arp -a, is the static entry you set marked as permanent? Did you
simulate another box taking that IP and look at the arp table afterward?

Also, you should be aware that some cards allow you to change the MAC address
of the card. (At least I think so...never tried it) So an evil machine could
steal the MAC address and fool the switch into sending it your traffic.

Depending on how advanced your switch is and if it is manageable, you can
hardcode what MAC address is on what port...avoid this one as well.

----- Original Message -----
From: "Pär Thoren" <t98pth@student.bth.se>
To: <freebsd-security@FreeBSD.ORG>
Sent: Friday, April 20, 2001 13:13
Subject: static arp values

> Hi!
>
> Is it possible to make an arptable entry static? For example the arp address
> of my gateway. So that man-in-the-middle attack can be prevented.
>
> I've tried "arp -S ip-adres mac-adres" but it seems that it is still
> possible to infect the arptable with a false mac address of the gateway and
> sniff the connection.
>
> /Pär
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
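Added example, not part of the original messages: one way to run the check asked about in the reply above, i.e. whether the gateway's entry in arp -a output is still marked permanent and still carries the expected MAC address. The function names, the addresses and the sample table are constructed for illustration; the line layout assumed is the FreeBSD one, "? (ip) at mac on iface permanent [ethernet]".

```shell
#!/bin/sh
# Added example: verify that a pinned ARP entry is still pinned and unchanged.
# Input: `arp -a` output on stdin.  Assumed line layout (FreeBSD):
#   ? (10.1.2.1) at 0:a0:c9:12:34:56 on fxp0 permanent [ethernet]

# check_arp_entry IP MAC
# Prints one of: ok, not-permanent, mac-mismatch, missing
check_arp_entry() {
    awk -v ip="$1" -v want="$2" '
        # Normalise a MAC: lower-case, pad each octet to two hex digits,
        # because some arp versions print 0:a0:... instead of 00:a0:...
        function norm(mac,    o, n, i, out) {
            n = split(tolower(mac), o, ":")
            out = ""
            for (i = 1; i <= n; i++) {
                if (length(o[i]) == 1) o[i] = "0" o[i]
                out = out (i > 1 ? ":" : "") o[i]
            }
            return out
        }
        $2 == ("(" ip ")") && $3 == "at" {
            found = 1
            if (norm($4) != norm(want)) mismatch = 1
            perm = 0
            for (k = 5; k <= NF; k++) if ($k == "permanent") perm = 1
            if (!perm) notperm = 1
        }
        END {
            if (!found)        print "missing"
            else if (mismatch) print "mac-mismatch"   # entry was replaced
            else if (notperm)  print "not-permanent"  # entry can be overwritten
            else               print "ok"
        }'
}

# Constructed sample table (not real output from any host).
sample_arp_table() {
    cat <<'EOF'
? (10.1.2.1) at 0:a0:c9:12:34:56 on fxp0 permanent [ethernet]
? (10.1.2.7) at 00:d0:b7:aa:bb:cc on fxp0 [ethernet]
EOF
}

# Demo against the constructed table; on a live host use: arp -a | check_arp_entry ...
sample_arp_table | check_arp_entry 10.1.2.1 00:A0:C9:12:34:56
```

Running it from cron and alerting on anything other than "ok" shows when the entry was lost or replaced, which is the "look at the arp table afterward" step from the reply.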