--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1
Content-Type: text/plain; charset=US-ASCII

>>>>> "wn" == Water NB <netbsd78@126.com> writes:

    wn> "arp -s 192.168.0.5 22:33:44:55:66:77" to bind it.  but when i
    wn> change my test PC's IP, I found another ARP entry in my box.
    wn> and test PC still can connect netbsd box.  how can i?

This arp -s ... should make it impossible for someone running ettercap
to hide 192.168.0.5's traffic from the intended recipient by
associating some other MAC address with 192.168.0.5, although I
haven't tested this.

As far as filtering incoming packets nothing will help.

As far as disabling ARP to prevent that MAC from getting assigned to
some other IP address, 'arp -s' won't do anything.  I tried to do this
myself for some hacker conference, and couldn't make it work.  The
ifconfig -arp flag does nothing.  What happens if you remove the
cloning route to the network, like 'route delete -net 192.168.0.0
-netmask 255.255.255.0'?  can you still have static link-layer routes
without that route?

--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iQCVAwUAQk1viInCBbTaW/4dAQILXAP+LzHb85c7A6G1BEHi4vfUXP8t2vO+MeGc
UO6FyS7scN1axQ/COwBBykrAJQ+2W+5854Yhh2boSXDKWUhYgQdoQKFL6h37zRCC
NvbTqACXTIWz2HRkj2gaYE2+jBHVHkhGHU+qvIBhKv/1dENPNdLtaipiUUC1wYOV
Cb3/dIzG+SE=
=qdCn
-----END PGP SIGNATURE-----

--pgp-sign-Multipart_Fri_Apr__1_10:58:00_2005-1--