North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Interesting new spam technique - getting a lot more popular.

  • From: Chris Edwards
  • Date: Wed Jun 14 06:30:48 2006

On Wed, 14 Jun 2006, Christopher L. Morrow wrote:

| how about just mac security on switch ports? limit the number of mac's at
| each port to 1 or some number 'valid' ?


Just to be clear, simple L2 mac security doesn't help here.  

This attack (arp spoofing on a shared subnet) does not involve more than 
one mac per switch port.  Nor are there any changes in switch port / mac 

You need to watch at the higher layers (arp, ip).


Chris Edwards, Glasgow University Computing Service