Re: checking the not allowed changing of IP's

To: Josh Rollyson <dinodrac@magenet.net>
Cc: debian-firewall@lists.debian.org
Subject: Re: checking the not allowed changing of IP's
From: Szabó Tamás <sztamas@ots.rdscj.ro>
Date: Wed, 17 Oct 2001 08:27:18 +0200
Message-id: <3BCD24C6.E870E19D@ots.rdscj.ro>
References: <3BC6CB2F.F50465DB@ots.rdscj.ro> <20011016072231.G21913@summit.magenet.net>

Hi!

> Some network cards won't allow this, and afaik no winblows product will.
> 
> A switch with static arp tables is a more drastic solution if you really
> need this kind of spoofed IP protection. That way each machine
> has its own port on the switch, which only allows the MAC address
> for that machine and that machine only on that port.
> You would probably be well advised to set up static ARP tables on the
> firewall as well (just be aware that if you change a network card you
> have to update this :)
> As other have suggested, arpwatch is also a good idea.

Yes, I was thinking about to solve this problem with the use of the
switch.
I don't know SNMP yet. But isn't possible to monitor on the switch when
the MAC-switchport association changes with SNMP?
If this would be possible then the problem would be solved withou beeing
drastic. I mean that the arp table of the switch needs not to be
static...

Thanks,
Tamas

Reply to:

References:
- checking the not allowed changing of IP's
  - From: Szabó Tamás <sztamas@ots.rdscj.ro>
- Re: checking the not allowed changing of IP's
  - From: Josh Rollyson <dinodrac@magenet.net>

Prev by Date: Re: checking the not allowed changing of IP's
Next by Date: Re: checking the not allowed changing of IP's
Previous by thread: Re: checking the not allowed changing of IP's
Next by thread: Re: checking the not allowed changing of IP's
Index(es):
- Date
- Thread