On Fri, 2009-05-29 at 11:20 -0700, Peter Memishian wrote: > > The aforementioned bug's evaluation makes a cryptic reference to this > > "feature" being used by "security-conscious" customers, but I don't see > > how that can possibly be legitimate. Maybe someone who is more > > security-conscious than I can shed some light on that evaluation. > > I suppose if you wanted to ensure a given host (A) can only be reached by > a subset of other hosts, you could explicitly configure the ARP table of > those other hosts and delete the ARP entry from host A.
I see, but it seems to me like that's something that ipfilter could handle that more effectively. I wonder if someone actually depends on this behavior, which is always a tough question... -Seb _______________________________________________ networking-discuss mailing list [email protected]
