On Wed, 2007-03-14 at 10:52 -0600, Topher Fischer wrote: > Also, in my mind, the solution to this problem seems too easy. I must > be missing something. Why do machines even pay attention to ARP replies > that they did not solicit? Why isn't ARP just implemented so that when > a request is sent out, then any matching replies are processed and > nothing more? What am I missing here?
I "researched" this one time too. What I found was that Linux and Cisco devices were not vulnerable to ARP spoofing because they did just as you outline. I looked through some of the ARP code in Linux and that appeared to indeed be the case, although I can't say I know that for sure. Windows was easily spoofed however. Corey /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
