Re: MBone

To: Joe Touch <touch at ISI.EDU>
Subject: Re: MBone
From: "Gary E. Miller" <gem at rellim.com>
Date: Mon, 23 Sep 2002 14:54:22 -0700 (PDT)
Cc: ietf at ietf.org
In-reply-to: <3D8F8BF7.6080602@isi.edu>
Sender: owner-ietf at ietf.org

Yo Joe!

On Mon, 23 Sep 2002, Joe Touch wrote:

> > root has no problem seeing adjacent UDP even on a switch.  Just
> >overflow the arp cache or poison it.
>
> That all presumes the switch doesn't detect this as an attack and
> shutdown that link, which is an entirely reasonable reaction.

resonable yes, practical, no.

The only way I know to prevent this is to hard code the MACs on the
switch.  This is time consuming to install and to maintain.

Barring that, please name ONE switch, or cite ONE credible reference
source, where arpspoofing is prevented at the switch by any means short
of harcoding the MACs.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
	gem at rellim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

Follow-Ups:
- Re: MBone
  - From: Joe Touch
- Re: MBone
  - From: Matt Crawford

References:
- Re: MBone
  - From: Joe Touch

Prev by Date: Re: MBone
Next by Date: Re: MBone
Previous by thread: Re: MBone
Next by thread: Re: MBone
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: MBone

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.