lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 02 May 2007 17:45:05 -0600
From:	Topher Fischer <>
To:	Chris Friesen <>
Subject: Re: ARP Spoofing

Hash: SHA1

Chris Friesen wrote:
> Vlad Yasevich wrote:
>> If by arp spoofing you mean receiving arp replies from multiple
>> sources and
>> trusting all of them, then I haven't seen anything.
>> I don't know the history as to why nothing has has been done.
> This concept is a valuable tool to allow for fast publishing of IP
> address takeover in redundant-server situations.
> There are ways in which it can be misused, but that doesn't make it an
> invalid technique.

I don't think it would be too difficult to preserve this kind of
functionality while improving security.  Is this really the only reason
why nothing has been done to protect machines from ARP spoofing?

- --
Topher Fischer
GnuPG Fingerprint: 3597 1B8D C7A5 C5AF 2E19  EFF5 2FC3 BE99 D123 6674
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora -

To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists