On Wed, 02 May 2007 17:45:05 -0600 Topher Fischer <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Chris Friesen wrote: > > Vlad Yasevich wrote: > > > >> If by arp spoofing you mean receiving arp replies from multiple > >> sources and > >> trusting all of them, then I haven't seen anything. > >> > >> I don't know the history as to why nothing has has been done. > > > > This concept is a valuable tool to allow for fast publishing of IP > > address takeover in redundant-server situations. > > > > There are ways in which it can be misused, but that doesn't make it an > > invalid technique. > > I don't think it would be too difficult to preserve this kind of > functionality while improving security. Is this really the only reason > why nothing has been done to protect machines from ARP spoofing? > Surely, you can do what you want with netfilter/arptables. -- Stephen Hemminger <[EMAIL PROTECTED]> - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
