thanks for the help, i've found realy interestin arp* :)
even if at the very end i've got what i was looking for, and now it
seems that the arp table is static and permanent, forbidding the arp
poisoning, maybe the <enable snmp-traps mac-security> command was
fundamental, even if i've found only a little refence about this command
at the end of only one page, written in smal small characters.
In any case, Arp* is very usefull, because it keeps track of who has
tried arppoisoning.
Thanks
Arjuna
Machiavel wrote:
And if you are working with Windows and AD you can simply send the
changes via a script to all your user. I don't think you even need AD
to send an "opening" script.
cheers
--
Machiavel
On 11/27/06, Lall, Navneet Singh <nlall@ipolicynetworks.com> wrote:
Hi,
You can stop mac address learning by using static arp tables. But this
Has an disadvantage that you need to update it whenever you change the
ip to mac mapping. However most of the time changes are not frequent.
Navneet Singh
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of tannhauser
Sent: Tuesday, November 28, 2006 4:07 AM
To: security-basics@securityfocus.com
Subject: Re: swicth summit extreme plus static permanent arp table
Hi,
On Sat, 25.11, 11:39, Arjuna Scagnetto wrote:
> Hi guys,
> can someone tell me how to stop the switch, a summit extreme 400-48t,
from
> learning new mac-address.
Not a direct answer, but arpstar (arpstar.sourceforge.net) can prevent
the (linux) computers in your network to get fooled.
Btw, does anyone know about anything else that actually can stop -not
just detect- arpspoofing?
tannhauser
