Date: Wed, 19 Aug 1998 22:59:02 -0400 (EDT) From: Snob Art Genre <benedict@echonyc.com> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Bill Fenner <fenner@parc.xerox.com>, freebsd-security@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG Subject: Re: Gateway/firewall denial of service Message-ID: <Pine.GSO.4.02.9808192257490.26430-100000@echonyc.com> In-Reply-To: <199808192118.RAA07353@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 19 Aug 1998, Garrett Wollman wrote: > <<On Wed, 19 Aug 1998 12:56:24 PDT, Bill Fenner <fenner@parc.xerox.com> said: > > > I think the proper fix is for arp to ignore ARP replies for an address > > that the routing table routes to a different interface. > > This seems reasonable. Why not just ignore replies on interfaces other than the one the request was sent on? Is connecting to the same segment with more than one interface supported, btw? Ben "You have your mind on computers, it seems." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.02.9808192257490.26430-100000>