Anthony Gruppuso wrote: > > Does anybody know of any switches that can protect against this type of > attack, or is virtually every switch affected? I imagine this is "old > news," so what have vendors done to counteract this type of activity? > The Cisco switches at least can be secured against this, if you can live with the inconvenience. If you have one machine per port, you can configure the switch to learn the first MAC address it sees, and then not accept frames from any other address. This means that you can't move machines around or changes NICs without the switch admin resetting the MAC address for the affected ports. It also means that you can't chain multiple machines off of any ports configured that way, say via a hub. BB
This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 08:34:52 PST