From owner-freebsd-questions  Wed Dec 20  4:24:35 2000
From owner-freebsd-questions@FreeBSD.ORG  Wed Dec 20 04:24:31 2000
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from nenya.ms.mff.cuni.cz (nenya.ms.mff.cuni.cz [195.113.17.137])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8CE0B37B400; Wed, 20 Dec 2000 04:24:27 -0800 (PST)
Received: from localhost (mencl@localhost)
	by nenya.ms.mff.cuni.cz (8.9.3+Sun/8.9.1) with ESMTP id NAA03984;
	Wed, 20 Dec 2000 13:23:25 +0100 (MET)
Date: Wed, 20 Dec 2000 13:23:25 +0100 (MET)
From: "Vladimir Mencl, MK, susSED" <mencl@nenya.ms.mff.cuni.cz>
To: David Talkington <dtalk@prairienet.org>
Cc: Chuck Rock <carock@epconline.net>, <security@FreeBSD.ORG>,
	<questions@FreeBSD.ORG>
Subject: RE: What anti-sniffer measures do i have? 
In-Reply-To: <Pine.LNX.4.30.0012192209100.2606-100000@sherman.spotnet.org>
Message-ID: <Pine.GSO.4.31.0012201319320.1889-100000@nenya.ms.mff.cuni.cz>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 19 Dec 2000, David Talkington wrote:

> Far as I know, hard-coding an arp table is the only way to prevent
> that sort of thing ... someone please correct me if I'm wrong?

Hardcoding the ARP table both in the switch and in every computer "to be
protected" in the network. Every computer would have to know both IP and
ethernet address of at least the router, the nameserver and all
computers it connects to.

Will it be enough?

...putting the switch into a mode like "use only-and-only this hardcoded
arp-table"....



			Vladimir Mencl





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message