[39160] in North American Network Operators' Group
Re: Cable Modem [really responsible engineering]
daemon@ATHENA.MIT.EDU (Wojtek Zlobicki)
Wed Jun 27 07:26:49 2001
Message-ID: <004801c0fefb$fa1c50e0$020a0a0a@wojtek>
From: "Wojtek Zlobicki" <wojtekz@idirect.com>
To: "PJ" <briareos@otherlands.net>
Cc: <nanog@merit.edu>
Date: Wed, 27 Jun 2001 07:26:15 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
And have you ever arped for an IP not on your subnet (I am really opening
myself up here if I am wrong :) ? ARP broadcasts
IIRC are sent to the MAC broadcast. If your data link layer broadcast
domain consists of you and a router, you will not be able to get any other
MAC. You will only be able to see the MAC addresses of those in the MAC
broadcast domain.
----- Original Message -----
From: "PJ" <briareos@otherlands.net>
To: "Wojtek Zlobicki" <wojtekz@idirect.com>
Cc: <nanog@merit.edu>
Sent: Wednesday, June 27, 2001 5:04 AM
Subject: Re: Cable Modem [really responsible engineering]
> On Tue, 26 Jun 2001, Wojtek Zlobicki wrote:
>
> >
> >
> > ----- Original Message -----
> > From: "Chris Adams" <cmadams@hiwaay.net>
> > To: <nanog@merit.edu>
> > Sent: Tuesday, June 26, 2001 9:20 PM
> > Subject: Re: Cable Modem [really responsible engineering]
> >
> > >
> > > Also, how do you prevent the user from trying to forge someone else's
> > > IP address or even MAC address in outgoing packets? Without
protecting
> > > against forged packets, I don't see how to provide accountability when
> > > someone attacks.
> >
> > How would anyone find out anothers MAC. As long as you seperate each
> > customer into their own bridge group, there is no way for them to find
> > anothers MAC. As for forging IP's not much you can do about that. MAC
> > address access list.. do they exists ?
> >
> >
>
> There is a neat little utility called arping that can return the MAC
address of a
> specified IP. Comes in handy for bypassing MAC address filters.
>
> PJ
>
> --
> Security is mostly a superstition. It does not exist in nature.
> -- Helen Keller
