Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Interesting new spam technique - getting a lot more popular.

  • From: John van Oppen
  • Date: Wed Jun 14 00:36:16 2006

It sure seems like this is a good demo of the best practice of having customers on their own VLANs with their own subnets.   We have been doing this since we started offering colo services, is this less common than I thought?

John


-----Ursprüngliche Nachricht-----
Von: Christopher L. Morrow [mailto:christopher.morrow@verizonbusiness.com] 
Gesendet: Tuesday, June 13, 2006 9:23 PM
An: Suresh Ramasubramanian
Cc: NANOG
Betreff: Re: Interesting new spam technique - getting a lot more popular.



On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:

> That was not my advice btw - just forwarding on what I saw.
>

oh,. apologies, i did cut the message down quite a bit :( I understood you
were quoting from the spamdiaries website, I apologize to the other
listeners (readers?) if it confused the issue.

> What you say does seem like a "must do" all right - but putting ARP
> filters in is actually a reasonable idea.
>

Atleast it'd trim down the 'problem' to the single customer subnet, I
assume that dedicated hosting folks don't just drop machines behind a
switch on one big flat subnet? That's probably a naive assumption though
:(  Perhaps this is clue #12 that that is a 'less than good' option? :)

> On 6/14/06, Christopher L. Morrow
> <christopher.morrow@verizonbusiness.com> wrote:
> >
> > On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
> > >
> > > http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html
> > >
> > >     * Monitor your local network for interfaces transmitting ARP
> > > responses they shouldn't be.
> >
> > how about just mac security on switch ports? limit the number of mac's at
> > each port to 1 or some number 'valid' ?
> >
>
>
> --
> Suresh Ramasubramanian (ops.lists@gmail.com)
>




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.