Date: Wed, 24 Sep 2003 09:27:11 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: Ruslan Ermilov <ru@freebsd.org> Cc: security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:14.arp Message-ID: <3F71C5DF.5030506@tenebras.com> In-Reply-To: <20030924162111.GA23542@sunbay.com> References: <200309241429.h8OETrhk097904@freefall.freebsd.org> <3F71ADCA.7090408@tenebras.com> <20030924162111.GA23542@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ruslan Ermilov wrote: > On Wed, Sep 24, 2003 at 07:44:26AM -0700, Michael Sierchio wrote: > >>FreeBSD Security Advisories wrote: >> >> >>>IV. Workaround >>> >>>There is no known workaround at this time. >> >>Using static ARP entries and turning off ARP on the interface >>should be a workaround. Whether this is remotely feasible >>depends on your situation. >> > > I still have not committed the code that supports static ARP > on an interface -- there's currently no way to do static ARP > only, if you disable ARP on an interface it will be disabled > in its whole. I'm puzzled by this -- you mean when I see wi0: flags=88c3<UP,BROADCAST,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1366 it's just *kidding* about the NOARP flag? IOW the NOARP flag changes the output of ifconfig, and that's it?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F71C5DF.5030506>