Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Interesting new spam technique - getting a lot more popular.

  • From: Florian Weimer
  • Date: Wed Jun 14 12:45:43 2006

* Christopher L. Morrow:

> On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:
>>
>> http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html
>>
>>     * Monitor your local network for interfaces transmitting ARP
>> responses they shouldn't be.
>
> how about just mac security on switch ports? limit the number of mac's at
> each port to 1 or some number 'valid' ?

The attack is not visible at layer 2, so this won't help.  You need
static ARP tables on relevant hosts, but even that is only a stopgag
measure.  Better invest into one (virtual) router port per customer
host. 8-/




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.