That was not my advice btw - just forwarding on what I saw.
What you say does seem like a "must do" all right - but putting ARP filters in is actually a reasonable idea. On 6/14/06, Christopher L. Morrow <[EMAIL PROTECTED]> wrote:
On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote: > > http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html > > * Monitor your local network for interfaces transmitting ARP > responses they shouldn't be. how about just mac security on switch ports? limit the number of mac's at each port to 1 or some number 'valid' ?
-- Suresh Ramasubramanian ([EMAIL PROTECTED])
