Interesting new spam technique - getting a lot more popular.

• Previous message (by thread): Interesting new spam technique - getting a lot more popular.
• Next message (by thread): Interesting new spam technique - getting a lot more popular.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 14 Jun 2006, Christopher L. Morrow wrote:

| how about just mac security on switch ports? limit the number of mac's at
| each port to 1 or some number 'valid' ?

Hi,

Just to be clear, simple L2 mac security doesn't help here.  

This attack (arp spoofing on a shared subnet) does not involve more than 
one mac per switch port.  Nor are there any changes in switch port / mac 
associations.

You need to watch at the higher layers (arp, ip).

Cheers


--
Chris Edwards, Glasgow University Computing Service

• Previous message (by thread): Interesting new spam technique - getting a lot more popular.
• Next message (by thread): Interesting new spam technique - getting a lot more popular.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]