Proxy ARP detection

Eric Rosen erosen at redhat.com
Thu Jan 16 00:54:14 UTC 2014


Cisco PIXes used to do this: if the firewall had a route and saw an ARP request in that IP range, it would proxy ARP.

----- Original Message -----
> 
> On Jan 15, 2014, at 4:03 PM, Niels Bakker <niels=nanog at bakker.net> wrote:
> 
> > * clay at bloomcounty.org (Clay Fiske) [Thu 16 Jan 2014, 00:59 CET]:
> >> This is where theory diverges nicely from practice. In some cases the
> >> offender broadcast his reply, and guess what else? A lot of routers
> >> listen to unsolicited ARP replies.
> > 
> > I've never seen this.  Please name vendor and product, if only so other
> > subscribers to this list can avoid doing business with them.
> 
> This was some time ago, but the two I was able to dig up from that case were
> both Junipers. Perhaps it’s something that only happens when proxy ARP is
> enabled?
> 
> 
> -c
> 
> 
> 

-- 
Eric Rosen
CCIE Security #17821
Information Security Analyst
Red Hat, Inc
erosen at redhat.com
919.890.8555 x48555
IRC erosen





