Hello Paul, The problem is that, I am not an administrator of the network. I am a client of the network. The network is built on the unmanaged switches. ISP to the problem do not care, so interested in this patch. May you help with patch on OpenBSD ?
Monday, March 9, 2009, 3:02:23 PM, you wrote: PdW> From a quick glance over the patch, it seems pretty useless unless you PdW> also prevent MAC spoofing. You may want to look into port security for PdW> your switches or 802.1x if this is a big concern to you. PdW> Cheers, PdW> Paul 'WEiRD' de Weerd PdW> On Mon, Mar 09, 2009 at 02:11:38PM +0200, irix wrote: PdW> | Hello Misc, PdW> | PdW> | How to protect your server from such attacks without the use of static arp entries? PdW> | By freebsd 5.0 patch was written arp_antidote PdW> (http://freecap.ru/if_ether.c.patch), PdW> | somebody could port it on openbsd? PdW> | PdW> | Also, in freebsd it is possible to specify a flag through the ifconfig PdW> | on the interface "staticarp", while "If the Address Resolution Protocol is enabled, PdW> | the host will only reply to requests for its addresses, and will never send anyrequests." PdW> | May you made this flag in openbsd ? PdW> | -- PdW> | Best regards, PdW> | irix mailto:i...@ukr.net PdW> | -- Best regards, irix mailto:i...@ukr.net