Subject: Re: arp addresses, hostname faking
To: Andrew Wheadon <>
From: Darren Reed <>
List: current-users
Date: 07/23/1995 16:11:47
In some email I received from Andrew Wheadon, sie wrote:
> How can I have entrys in /etc/exports for a specific
> host and make it impossible for another host to fake
> it's address:
> i.e.
> /etc/exports.on.wipux2
> 	/src3	-alldirs -maproot=nobody
> I then added the arp-address of to /etc/arp.n
> /etc/arp.n.on.wipux2
>	00:00:c0:bf:43:af
> and run
> 	arp -f /etc/arp.n
> but when I take a different machine and put
> in it's /etc/hostname.ed0.on.bad.machine, then all I get on the wipux2
> 	arp info overwritten for 869b3b3e by 00:00:c0:bf:43:a0
> Is there a way to make NetBSD not accept changes to
> the arp table ? Or is there a better way to make it 
> secure against spoofing the ip-address.

You're assuming that a host can't change its ethernet address (which it
can).  eg "ifconfig le0 ether a:b:c:d:e:f".