Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Interesting new spam technique - getting a lot more popular.

  • From: Suresh Ramasubramanian
  • Date: Wed Jun 14 00:16:49 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=o/JgTRkGOEzrAZsYMMZC37SYm9xI1lSPOX1HZsKsTRtfDkMyLsvwuXYAP7A6+w8cyZ2SyAahcvzrT00LsKJ34aWp5SRXA3iCMb54Rl4eS7Vw9FeJ9uROqysNBTFsy3HaOAgknRgHgZXvTGz13nKyK1f8oSrysd+rzt/d14e001g=

That was not my advice btw - just forwarding on what I saw.

What you say does seem like a "must do" all right - but putting ARP
filters in is actually a reasonable idea.

On 6/14/06, Christopher L. Morrow
<christopher.morrow@verizonbusiness.com> wrote:
On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
>
> http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html
>
>     * Monitor your local network for interfaces transmitting ARP
> responses they shouldn't be.

how about just mac security on switch ports? limit the number of mac's at
each port to 1 or some number 'valid' ?


--
Suresh Ramasubramanian (ops.lists@gmail.com)




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.