North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Interesting new spam technique - getting a lot more popular.

  • From: Suresh Ramasubramanian
  • Date: Wed Jun 14 00:16:49 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta;; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=o/JgTRkGOEzrAZsYMMZC37SYm9xI1lSPOX1HZsKsTRtfDkMyLsvwuXYAP7A6+w8cyZ2SyAahcvzrT00LsKJ34aWp5SRXA3iCMb54Rl4eS7Vw9FeJ9uROqysNBTFsy3HaOAgknRgHgZXvTGz13nKyK1f8oSrysd+rzt/d14e001g=

That was not my advice btw - just forwarding on what I saw.

What you say does seem like a "must do" all right - but putting ARP
filters in is actually a reasonable idea.

On 6/14/06, Christopher L. Morrow
<[email protected]> wrote:
On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
>     * Monitor your local network for interfaces transmitting ARP
> responses they shouldn't be.

how about just mac security on switch ports? limit the number of mac's at
each port to 1 or some number 'valid' ?

Suresh Ramasubramanian ([email protected])