[39162] in North American Network Operators' Group
Re: Cable Modem [really responsible engineering]
daemon@ATHENA.MIT.EDU (Wojtek Zlobicki)
Wed Jun 27 09:05:54 2001
Message-ID: <008d01c0ff09$c9294ed0$0602a8c0@wojtek>
From: "Wojtek Zlobicki" <wojtekz@idirect.com>
To: "PJ" <briareos@otherlands.net>
Cc: <nanog@nanog.org>
Date: Wed, 27 Jun 2001 09:05:05 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Having tried the utility, I guess I need to put my foot in my mouth (please
disregard my previous message)... I wonder how arping is able to get around
the MAC broadcast filters. Very dangerous tool !!
----- Original Message -----
From: "PJ" <briareos@otherlands.net>
To: "Wojtek Zlobicki" <wojtekz@idirect.com>
Cc: <nanog@merit.edu>
Sent: Wednesday, June 27, 2001 5:04 AM
Subject: Re: Cable Modem [really responsible engineering]
> On Tue, 26 Jun 2001, Wojtek Zlobicki wrote:
>
> >
> >
> > ----- Original Message -----
> > From: "Chris Adams" <cmadams@hiwaay.net>
> > To: <nanog@merit.edu>
> > Sent: Tuesday, June 26, 2001 9:20 PM
> > Subject: Re: Cable Modem [really responsible engineering]
> >
> > >
> > > Also, how do you prevent the user from trying to forge someone else's
> > > IP address or even MAC address in outgoing packets? Without
protecting
> > > against forged packets, I don't see how to provide accountability when
> > > someone attacks.
> >
> > How would anyone find out anothers MAC. As long as you seperate each
> > customer into their own bridge group, there is no way for them to find
> > anothers MAC. As for forging IP's not much you can do about that. MAC
> > address access list.. do they exists ?
> >
> >
>
> There is a neat little utility called arping that can return the MAC
address of a
> specified IP. Comes in handy for bypassing MAC address filters.
>
> PJ
>
> --
> Security is mostly a superstition. It does not exist in nature.
> -- Helen Keller
