lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 02 May 2007 16:45:48 -0400 From: Vlad Yasevich <vladislav.yasevich@...com> To: Chris Friesen <cfriesen@...tel.com> Cc: Topher Fischer <javert42@...byu.edu>, netdev@...r.kernel.org Subject: Re: ARP Spoofing Chris Friesen wrote: > Vlad Yasevich wrote: > >> If by arp spoofing you mean receiving arp replies from multiple >> sources and >> trusting all of them, then I haven't seen anything. >> >> I don't know the history as to why nothing has has been done. > > This concept is a valuable tool to allow for fast publishing of IP > address takeover in redundant-server situations. > > There are ways in which it can be misused, but that doesn't make it an > invalid technique. > Yes, but when some bozo on the network misconfigures his system and steals the IP of the default router, all hell breaks lose. BSD is nice enough to tell you that a duplicate ARP response has been received and gives you nobs to be able to turn this on and off. BTW, the same issue came in IPv6, where a malicious user can cause all sorts of nasty things on the network and the solution for that was SEND (RFC 3971). So at least the same problem can be solved in IPv6. -vlad - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists