> Static ARP entries can prevent this if implement on the switch > (and it is a good idea to use them on all the network devices > as well). > Also, protocols such as IPSEC can strengthen any protocols tunneled > through it against manipulation or sniffing. Indeed. However static ARP entries don't help on Windows workstations, as opposed to what most people think. You can configure a static ARP entry with the arp-command, true, but ARP is a stateless protocol which means we can answer even if no one asks. If we send ARP-responses to a Windows computer, they overwrite the static ARP entries. That means we can poison the ARP cache at any time, we don't have to sit and wait for the computer to send ARP-requests. -- Toni Heinonen, CISSP Teleware Oy +358 40 836 1815
This archive was generated by hypermail 2b30 : Thu Jan 31 2002 - 09:55:23 PST