Re: arpwatch and more

To: debian-isp@lists.debian.org
Subject: Re: arpwatch and more
From: Mike Fedyk <mfedyk@matchmail.com>
Date: Fri, 16 Mar 2001 13:05:06 -0800
Message-id: <[🔎] 20010316130506.A15997@mikef-linux-x86>
Mail-followup-to: Mike Fedyk <mfedyk@matchmail.com>, debian-isp@lists.debian.org
In-reply-to: <[🔎] E14e0mO-00007G-00@torres.ka0.zugschlus.de>; from debian-isp.lists.debian.org@marc-haber.de on Fri, Mar 16, 2001 at 09:24:56PM +0100
References: <[🔎] 200103161728.MAA05966@announce.com> <[🔎] E14e0mO-00007G-00@torres.ka0.zugschlus.de>

On Fri, Mar 16, 2001 at 09:24:56PM +0100, Marc Haber wrote:
> On Fri, 16 Mar 101 12:28:54 -0500 (EST), Allen Ahoffman
> <ahoffman@announce.com> wrote:
> >can someone tell me how to secure a network so that:
> >the router won't route traffic if the specific mac address isn't
> >registered before hand?
> 
> Kernel 2.4 netfilter can make routing decisions depending on the MAC
> address.
> 
> Please be aware, though, that the MAC address is trivial to forge
> nowadays.
Hmm, how does a switch deal with the same mac address coming from two ports
at the same time?

Does that mean that we've lost the added security from ethernet switches?  I
can see that if a switch was fooled into sending traffic to two ports that
could be a security problem, if security depends on the switching function.

Mike

Reply to:

Follow-Ups:
- Re: arpwatch and more
  - From: Marc Haber <debian-isp.lists.debian.org@marc-haber.de>

References:
- arpwatch and more
  - From: Allen Ahoffman <ahoffman@announce.com>
- Re: arpwatch and more
  - From: Marc Haber <debian-isp.lists.debian.org@marc-haber.de>

Prev by Date: Re: arpwatch and more
Next by Date: Re: Remote shutdown ... of Win95
Previous by thread: Re: arpwatch and more
Next by thread: Re: arpwatch and more
Index(es):
- Date
- Thread