From: "Miroslav Kubik" <[EMAIL PROTECTED]>
To: <misc@openbsd.org>
Subject: ARP Poisoning
Date: Sun, 7 Aug 2005 00:23:49 +0200
Hello
In our intranet is an attacker who flooding OpenBSD router by ARP requests.
Due to this we have trouble with internet connection. Is there a way how to
protect server against ARP poisoning attack?
messages in /var/log/messages
Aug 6 23:33:53 host22 /bsd: arp info overwritten for 192.168.1.249 by
00:e0:98:be:d3:cd on rl0
Aug 6 23:33:53 host22 /bsd: arp info overwritten for 192.168.1.246 by
00:e0:98:c5:8b:b9 on rl0
Aug 6 23:33:53 host22 /bsd: arp info overwritten for 192.168.1.245 by
00:e0:98:c5:9b:c5 on rl0
Aug 6 23:33:53 host22 /bsd: arp info overwritten for 192.168.1.242 by
00:e0:98:c5:8b:b9 on rl0
and still continue
........
S pozdravem / Best Regards
Miroslav Kubik
IT Specialist
Enterprise Server Farms
Hello,
There is a book called "Building Firewalls with OpenBSD and PF, 2nd Edition
(Paperback)"
that has information on this.
rogern
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
