On Wed, 14 Jun 2006, Christopher L. Morrow wrote: | how about just mac security on switch ports? limit the number of mac's at | each port to 1 or some number 'valid' ?
Hi, Just to be clear, simple L2 mac security doesn't help here. This attack (arp spoofing on a shared subnet) does not involve more than one mac per switch port. Nor are there any changes in switch port / mac associations. You need to watch at the higher layers (arp, ip). Cheers -- Chris Edwards, Glasgow University Computing Service
