lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 02 May 2007 17:45:05 -0600
From:	Topher Fischer <javert42@...byu.edu>
To:	Chris Friesen <cfriesen@...tel.com>
CC:	netdev@...r.kernel.org
Subject: Re: ARP Spoofing

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chris Friesen wrote:
> Vlad Yasevich wrote:
> 
>> If by arp spoofing you mean receiving arp replies from multiple
>> sources and
>> trusting all of them, then I haven't seen anything.
>>
>> I don't know the history as to why nothing has has been done.
> 
> This concept is a valuable tool to allow for fast publishing of IP
> address takeover in redundant-server situations.
> 
> There are ways in which it can be misused, but that doesn't make it an
> invalid technique.

I don't think it would be too difficult to preserve this kind of
functionality while improving security.  Is this really the only reason
why nothing has been done to protect machines from ARP spoofing?


- --
Topher Fischer
GnuPG Fingerprint: 3597 1B8D C7A5 C5AF 2E19  EFF5 2FC3 BE99 D123 6674
javert42@...byu.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFGOSKBL8O+mdEjZnQRAowZAJoCawbK1IM+TxBvAaNGtzdw5UrDmgCdGB5L
1mJdu4W61Opj+zqgtQJfdp8=
=qlBs
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists