sniffer/promisc detector

• Previous message (by thread): sniffer/promisc detector
• Next message (by thread): sniffer/promisc detector
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

DJ> Date: Sat, 17 Jan 2004 14:57:19 -0500
DJ> From: Deepak Jain


DJ> I know most people don't take the time to hard code their
DJ> MACs onto their switch ports, but it really only takes a few
DJ> seconds per switch with a little cutting & pasting -- as
DJ> customer switches a network port, they just need to open a
DJ> ticket to have the address changed.

In the same vein, hardcoded router ARP entries in router configs
also help.  Yes, spoofed gratuitous ARP packets are detectable,
but they can still cause trouble.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  blacklist at brics.com -or- alfra at intc.net -or- curbjmp at intc.net
Sending mail to spambait addresses is a great way to get blocked.

• Previous message (by thread): sniffer/promisc detector
• Next message (by thread): sniffer/promisc detector
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]