Re: Redir games with ARP and ICMP

Olaf Seibert (rhialto@POLDER.UBC.KUN.NL)
Tue, 23 Sep 1997 18:36:03 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Neil J Long: "Re: Redir games with ARP and ICMP"
Previous message: HAKNER JEFF: "Re: SunOS4.1.X sockopt panic"
Maybe in reply to: Yuri Volobuev: "Redir games with ARP and ICMP"
Next in thread: Neil J Long: "Re: Redir games with ARP and ICMP"

John Goerzen wrote:
> Having anticipated such a problem already (in our envoronment, there are
> many lab machines which have NFS access to user disks on a server. These
> machines may even be turned OFF which makes it easy for a spoofer to get
> in.), I wrote a short Perl script designed to be run from the system
> startup file. Basically, it "primes" the ARP cache on Linux with the
> IP and MAC addresses of known machines, setting a flag so that they are
> never removed from the cache and can never be changed.
>
> The config file format is simple -- IP address followed by MAC address,
> separated by whitespace. Pound at the beginning of a line indicates
> comment.

> This has only been tested on Linux -- people on other platforms may need
> to adjust the parameters to arp in the system call.

Some systems (notably BSD variants) have the arp -f option:

-f Causes the file filename to be read and multiple entries to be
set in the ARP tables. Entries in the file should be of the form

hostname ether_addr [temp] [pub]

with argument meanings as given above.

-Olaf.

--
___ Olaf 'Rhialto' Seibert      D787B44DFC896063 4CBB95A5BD1DAA96
\X/ It's not easy having a good time    rhialto@polder.ubc.kun.nl

Next message: Neil J Long: "Re: Redir games with ARP and ICMP"
Previous message: HAKNER JEFF: "Re: SunOS4.1.X sockopt panic"
Maybe in reply to: Yuri Volobuev: "Redir games with ARP and ICMP"
Next in thread: Neil J Long: "Re: Redir games with ARP and ICMP"