Subject: Re: How to bind IP to MAC?
To: None <tech-net@netbsd.org>
From: Miles Nordin <carton@Ivy.NET>
List: tech-net
Date: 04/01/2005 10:58:00
--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1
Content-Type: text/plain; charset=US-ASCII
>>>>> "wn" == Water NB <netbsd78@126.com> writes:
wn> "arp -s 192.168.0.5 22:33:44:55:66:77" to bind it. but when i
wn> change my test PC's IP, I found another ARP entry in my box.
wn> and test PC still can connect netbsd box. how can i?
This arp -s ... should make it impossible for someone running ettercap
to hide 192.168.0.5's traffic from the intended recipient by
associating some other MAC address with 192.168.0.5, although I
haven't tested this.
As far as filtering incoming packets nothing will help.
As far as disabling ARP to prevent that MAC from getting assigned to
some other IP address, 'arp -s' won't do anything. I tried to do this
myself for some hacker conference, and couldn't make it work. The
ifconfig -arp flag does nothing. What happens if you remove the
cloning route to the network, like 'route delete -net 192.168.0.0
-netmask 255.255.255.0'? can you still have static link-layer routes
without that route?
--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)
iQCVAwUAQk1viInCBbTaW/4dAQILXAP+LzHb85c7A6G1BEHi4vfUXP8t2vO+MeGc
UO6FyS7scN1axQ/COwBBykrAJQ+2W+5854Yhh2boSXDKWUhYgQdoQKFL6h37zRCC
NvbTqACXTIWz2HRkj2gaYE2+jBHVHkhGHU+qvIBhKv/1dENPNdLtaipiUUC1wYOV
Cb3/dIzG+SE=
=qdCn
-----END PGP SIGNATURE-----
--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1--